CVE-2009-0360

pam-krb5 <3.13 - Privilege Escalation

Title source: llm

Description

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jon Oberheide · clocallinux

https://www.exploit-db.com/exploits/8303

View Code ZIP pw:eip

References (18)

[Vendor Advisory] http://secunia.com/advisories/33914

[Vendor Advisory] http://secunia.com/advisories/33917

[Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1

[Vendor Advisory] http://support.avaya.com/elmodocs2/security/ASA-2009-070.htm

[Vendor Advisory] http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html

[Vendor Advisory] http://www.ubuntu.com/usn/USN-719-1

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5669

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5732

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/500892/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/33740

[Third Party Advisory] http://www.debian.org/security/2009/dsa-1721

[Third Party Advisory] http://security.gentoo.org/glsa/glsa-200903-39.xml

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1021711

[Third Party Advisory] http://secunia.com/advisories/34260

[Third Party Advisory] http://secunia.com/advisories/34449

[Third Party Advisory] http://www.vupen.com/english/advisories/2009/0410

[Third Party Advisory] http://www.vupen.com/english/advisories/2009/0426

[Third Party Advisory] http://www.vupen.com/english/advisories/2009/0979

Scores

EPSS 0.0023

EPSS Percentile 45.8%

Classification

CWE

CWE-287

Status draft

Affected Products (20)

eyrie/pam-krb5 < 3.12

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

eyrie/pam-krb5

... and 5 more

Timeline

Published Feb 13, 2009

Tracked Since Feb 18, 2026