CVE-2008-4313
N/A
N/A
Summary
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id?1021283
- https://admin.fedoraproject.org/updates/tog-pegasus-2.7.0-7.fc9
- https://bugzilla.redhat.com/show_bug.cgi?id=459217
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9556
- http://www.securityfocus.com/bid/32460
- http://www.redhat.com/support/errata/RHSA-2008-1001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46829
- http://osvdb.org/50277
- https://admin.fedoraproject.org/updates/tog-pegasus-2.7.1-3.fc10
- http://secunia.com/advisories/32862
References
- http://www.securitytracker.com/id?1021283
- https://admin.fedoraproject.org/updates/tog-pegasus-2.7.0-7.fc9
- https://bugzilla.redhat.com/show_bug.cgi?id=459217
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9556
- http://www.securityfocus.com/bid/32460
- http://www.redhat.com/support/errata/RHSA-2008-1001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46829
- http://osvdb.org/50277
- https://admin.fedoraproject.org/updates/tog-pegasus-2.7.1-3.fc10
- http://secunia.com/advisories/32862
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.