CVE-2009-1384

pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://osvdb.org/54791
http://secunia.com/advisories/35230
http://secunia.com/advisories/43314
http://www.mandriva.com/security/advisories?name=MDVSA-2010:054
http://www.openwall.com/lists/oss-security/2009/05/27/1
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securityfocus.com/bid/35112
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vupen.com/english/advisories/2009/1448
https://bugzilla.redhat.com/show_bug.cgi?id=502602	Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9652

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:redhat:enterprise_linux:5:::::::*
	cpe:2.3:o:redhat:enterprise_linux:5::client:::::
	cpe:2.3:o:redhat:enterprise_linux:5::client_workstation:::::
	cpe:2.3:o:redhat:enterprise_linux:5::server:::::

OR	cpe:2.3:a:eyrie:pam-krb5:2.2.14:::::::*
	cpe:2.3:a:eyrie:pam-krb5:2.3:::::::*
	cpe:2.3:a:eyrie:pam-krb5:2.3.4:::::::*

History

No history.

Information

Published : 2009-05-28 20:30

Updated : 2024-02-28 11:21

NVD link : CVE-2009-1384

Mitre link : CVE-2009-1384

CVE.ORG link : CVE-2009-1384

JSON object : View

Products Affected

eyrie

pam-krb5

redhat

enterprise_linux

CWE

CWE-287

Improper Authentication

{"id": "CVE-2009-1384", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-05-28T20:30:00.217", "references": [{"url": "http://osvdb.org/54791", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/35230", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/43314", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:054", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2009/05/27/1", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/35112", "source": "secalert@redhat.com"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/1448", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=502602", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7081", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9652", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."}, {"lang": "es", "value": "pam_krb5 v2.2.14 a v2.3.4, tal como se usa Red Hat Enterprise Linux (RHEL) 5, genera diferentes peticiones de contrase\u00f1a dependiendo de si existe la cuenta de usuario, lo que permite a atacantes remotos enumerar los nombres de usuario v\u00e1lidos."}], "lastModified": "2018-10-10T19:36:22.703", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7361D8F0-FE84-41D0-9C62-F180339DD40A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5454336D-724E-4027-A642-1EFCB79C1ADC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5833A489-D6DE-4D51-9E74-189CBC2E28CA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eyrie:pam-krb5:2.2.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D57B9A37-0003-4E3D-B0FE-9BEA46D26FF1"}, {"criteria": "cpe:2.3:a:eyrie:pam-krb5:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81821DD4-343A-4CDE-A7A6-CA606662971C"}, {"criteria": "cpe:2.3:a:eyrie:pam-krb5:2.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0F34ECE-67B4-4B0A-BB57-A0A8F666669C"}], "operator": "OR"}], "operator": "AND"}], "vendorComments": [{"comment": "This issue did not affect the versions of the pam_krb5 packages, as shipped with Red Hat Enterprise Linux 3 and 4.\n\nThe issue was addressed in the pam_krb5 packages as shipped with Red Hat Enterprise Linux 5 via:\nhttps://rhn.redhat.com/errata/RHSA-2010-0258.html", "lastModified": "2010-03-31T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com"}