
CVE ID: CVE-2008-3825
Description: pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.
Test IDs: 1.3.6.1.4.1.25623.1.0.860408   1.3.6.1.4.1.25623.1.0.61707   1.3.6.1.4.1.25623.1.0.860732   1.3.6.1.4.1.25623.1.0.61703   1.3.6.1.4.1.25623.1.0.65952   1.3.6.1.4.1.25623.1.0.61708   1.3.6.1.4.1.25623.1.0.122551   1.3.6.1.4.1.25623.1.0.61687   1.3.6.1.4.1.25623.1.0.61983  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-3825
1020978
http://www.securitytracker.com/id?1020978
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
http://www.securityfocus.com/archive/1/516397/100/0/threaded
31534
http://www.securityfocus.com/bid/31534
32119
http://secunia.com/advisories/32119
32135
http://secunia.com/advisories/32135
32174
http://secunia.com/advisories/32174
43314
http://secunia.com/advisories/43314
FEDORA-2008-8605
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00150.html
FEDORA-2008-8618
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00166.html
MDVSA-2008:209
http://www.mandriva.com/security/advisories?name=MDVSA-2008:209
RHSA-2008:0907
http://www.redhat.com/support/errata/RHSA-2008-0907.html
SUSE-SR:2008:027
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=461960
oval:org.mitre.oval:def:10923
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10923
pamkrb5-existingticket-privilege-escalation(45635)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45635




© 1998-2025 E-Soft Inc. All rights reserved.