← back
CVE-2009-0361

CVE-2009-0361

EPSS 0.4%
Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, and then launching a setuid application that performs certain pam_setcred operations.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/33914http://secunia.com/advisories/33917http://secunia.com/advisories/33918http://secunia.com/advisories/34260http://secunia.com/advisories/34449http://security.gentoo.org/glsa/glsa-200903-39.xmlhttp://securitytracker.com/id?1021711https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5403https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5521http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1http://support.avaya.com/elmodocs2/security/ASA-2009-070.htmhttp://www.debian.org/security/2009/dsa-1721