CVE-2008-5690

OpenSolaris snv_01-snv_104 - Denial of Service via Kerberos Credential Renewal

Title source: llm
STIX 2.1

Description

The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5.

References (10)

Core 10
Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3428
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33042
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244866-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32793
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5792
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021390
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47291
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33313

Scores

EPSS 0.0004
EPSS Percentile 13.3%

Details

CWE
CWE-255
Status published
Products (25)
sun/opensolaris snv_01 (2 CPE variants)
sun/opensolaris snv_02 (2 CPE variants)
sun/opensolaris snv_03 (2 CPE variants)
sun/opensolaris snv_04 (2 CPE variants)
sun/opensolaris snv_05 (2 CPE variants)
sun/opensolaris snv_06 (2 CPE variants)
sun/opensolaris snv_07 (2 CPE variants)
sun/opensolaris snv_08 (2 CPE variants)
sun/opensolaris snv_09 (2 CPE variants)
sun/opensolaris snv_10 (2 CPE variants)
... and 15 more
Published Dec 19, 2008
Tracked Since Feb 18, 2026