CVE-2008-3825
First published: Thu Sep 11 2008(Updated: )
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Enterprise Linux | =5-unknown | |
| Red Hat Enterprise Linux Desktop | =5-unknown |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/support/errata/RHSA-2008-0907.html
- https://bugzilla.redhat.com/show_bug.cgi?id=461960
- http://www.securitytracker.com/id?1020978
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00166.html
- http://secunia.com/advisories/32119
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00150.html
- http://secunia.com/advisories/32174
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:209
- http://secunia.com/advisories/32135
- http://www.securityfocus.com/bid/31534
- http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html
- http://secunia.com/advisories/43314
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45635
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10923
- http://www.securityfocus.com/archive/1/516397/100/0/threaded
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=316461&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=316461&action=edit
- http://rhn.redhat.com/errata/RHSA-2008-0907.html
- https://admin.fedoraproject.org/updates/F8/FEDORA-2008-8605
- https://admin.fedoraproject.org/updates/F9/FEDORA-2008-8618
Frequently Asked Questions
What is the severity of CVE-2008-3825?
CVE-2008-3825 is classified as a high severity vulnerability due to the potential for privilege escalation.
How do I fix CVE-2008-3825?
To fix CVE-2008-3825, it's recommended to upgrade to a patched version of pam_krb5 or disable the existing_ticket option.
Who is affected by CVE-2008-3825?
CVE-2008-3825 affects users of Red Hat Enterprise Linux 5 and earlier versions with pam_krb5 installed.
What type of vulnerability is CVE-2008-3825?
CVE-2008-3825 is a local privilege escalation vulnerability.
Can CVE-2008-3825 be exploited remotely?
No, CVE-2008-3825 requires local access to exploit the vulnerability.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2008-3825
- agent/trending
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/5-unknown
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/5-unknown