CVE-2009-0360
published 2009-02-13CVE-2009-0360: Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local…
PriorityP428medium6.2CVSS 2.0
AVLACHAuNCCICAC
EXPLOIT
EPSS
0.69%
48.3th percentile
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libpam-krb5 | < libpam-krb5 3.13-2 (bookworm) | libpam-krb5 3.13-2 (bookworm) |
| eyrie | pam-krb5 | <= 3.12 | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
| eyrie | pam-krb5 | — | — |
CVSS provenance
nvdv2.06.2MEDIUMAV:L/AC:H/Au:N/C:C/I:C/A:C
osv6.2MEDIUM
vendor_debian6.2MEDIUM
vendor_redhat6.2MEDIUM
vendor_ubuntu6.2MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
pam-krb5 vulnerabilities
vendor_ubuntu·2009-02-12·CVSS 6.2
CVE-2009-0360 [MEDIUM] pam-krb5 vulnerabilities
Title: pam-krb5 vulnerabilities
Summary: pam-krb5 vulnerabilities
It was discovered that pam_krb5 parsed environment variables when run with
setuid applications. A local attacker could exploit this flaw to bypass
authentication checks and gain root privileges. (CVE-2009-0360)
Derek Chan discovered that pam_krb5 incorrectly handled refreshing existing
credentials when used with setuid applications. A local attacker could exploit
this to create or overwrite arbitrary files, and possibly gain root privileges.
(CVE-2009-0361)
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Debian
CVE-2009-0360: libpam-krb5 - Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not pr...
vendor_debian·2009·CVSS 6.2
CVE-2009-0360 [MEDIUM] CVE-2009-0360: libpam-krb5 - Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not pr...
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
Scope: local
bookworm: resolved (fixed in 3.13-2)
bullseye: resolved (fixed in 3.13-2)
forky: resolved (fixed in 3.13-2)
sid: resolved (fixed in 3.13-2)
trixie: resolved (fixed in 3.13-2)
Red Hat
CVE-2009-0360: Russ Allbery pam-krb5 before 3
vendor_redhat·CVSS 6.2
CVE-2009-0360 [MEDIUM] CVE-2009-0360: Russ Allbery pam-krb5 before 3
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
Statement: Not vulnerable. This issue did not affect the versions of the pam_krb5 package, as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
GHSA
GHSA-56h7-99r3-xgmr: Russ Allbery pam-krb5 before 3
ghsa_unreviewed·2022-05-02
CVE-2009-0360 [MEDIUM] CWE-287 GHSA-56h7-99r3-xgmr: Russ Allbery pam-krb5 before 3
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
OSV
CVE-2009-0360: Russ Allbery pam-krb5 before 3
osv·2009-02-13·CVSS 6.2
CVE-2009-0360 [MEDIUM] CVE-2009-0360: Russ Allbery pam-krb5 before 3
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/33914http://secunia.com/advisories/33917http://secunia.com/advisories/34260http://secunia.com/advisories/34449http://security.gentoo.org/glsa/glsa-200903-39.xmlhttp://securitytracker.com/id?1021711http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1http://support.avaya.com/elmodocs2/security/ASA-2009-070.htmhttp://www.debian.org/security/2009/dsa-1721http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.htmlhttp://www.securityfocus.com/archive/1/500892/100/0/threadedhttp://www.securityfocus.com/bid/33740http://www.ubuntu.com/usn/USN-719-1http://www.vupen.com/english/advisories/2009/0410http://www.vupen.com/english/advisories/2009/0426http://www.vupen.com/english/advisories/2009/0979https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5669https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5732http://secunia.com/advisories/33914http://secunia.com/advisories/33917http://secunia.com/advisories/34260http://secunia.com/advisories/34449http://security.gentoo.org/glsa/glsa-200903-39.xmlhttp://securitytracker.com/id?1021711http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1http://support.avaya.com/elmodocs2/security/ASA-2009-070.htmhttp://www.debian.org/security/2009/dsa-1721http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.htmlhttp://www.securityfocus.com/archive/1/500892/100/0/threadedhttp://www.securityfocus.com/bid/33740http://www.ubuntu.com/usn/USN-719-1http://www.vupen.com/english/advisories/2009/0410http://www.vupen.com/english/advisories/2009/0426http://www.vupen.com/english/advisories/2009/0979https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5669https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5732
2009-02-13
Published