Vulnerabilities > CVE-2004-0653 - Unspecified vulnerability in SUN Solaris 9.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS9_112908.NASL description SunOS 5.9: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10 last seen 2020-06-01 modified 2020-06-02 plugin id 13520 published 2004-07-12 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13520 title Solaris 9 (sparc) : 112908-38 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(13520); script_version("1.56"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2004-0523", "CVE-2004-0653", "CVE-2005-1689", "CVE-2006-6144", "CVE-2008-5690", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-1933", "CVE-2012-1683"); script_name(english:"Solaris 9 (sparc) : 112908-38"); script_summary(english:"Check for patch 112908-38"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 112908-38" ); script_set_attribute( attribute:"description", value: "SunOS 5.9: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/112908-38" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(119, 255, 264, 287); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2010/09/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcstlx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgssx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcstl", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcar", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcarx", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbux", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgss", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgsskx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgssk", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report()); else security_hole(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_115168.NASL description SunOS 5.9_x86: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10 last seen 2020-06-01 modified 2020-06-02 plugin id 13620 published 2004-07-12 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13620 title Solaris 9 (x86) : 115168-24 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(13620); script_version("1.46"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2004-0523", "CVE-2004-0653", "CVE-2005-1689", "CVE-2006-6144", "CVE-2008-5690", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-1933", "CVE-2012-1683"); script_name(english:"Solaris 9 (x86) : 115168-24"); script_summary(english:"Check for patch 115168-24"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 115168-24" ); script_set_attribute( attribute:"description", value: "SunOS 5.9_x86: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/115168-24" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(119, 255, 264, 287); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2010/09/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWcstl", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWkrbr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWkrbu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWgss", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWgssk", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report()); else security_hole(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");
Oval
accepted 2005-02-23T09:25:00.000-04:00 class vulnerability contributors name Brian Soby organization The MITRE Corporation name Brian Soby organization The MITRE Corporation
description Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. family unix id oval:org.mitre.oval:def:2065 status accepted submitted 2004-10-12T12:00:00.000-04:00 title Kerberos Client Plaintext Password Vulnerability version 35 accepted 2011-05-09T04:01:28.701-04:00 class vulnerability contributors name Robert L. Hollis organization ThreatGuard, Inc. name Nabil Ouchn organization Security-Database name Shane Shaffer organization G2, Inc.
description Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. family unix id oval:org.mitre.oval:def:255 status accepted submitted 2006-09-22T05:52:00.000-04:00 title Clear Text Password Logging Vulnerability version 39
References
- http://secunia.com/advisories/11940/
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57587
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101519-1
- http://www.ciac.org/ciac/bulletins/o-172.shtml
- http://www.kb.cert.org/vuls/id/523710
- http://www.securityfocus.com/bid/10606
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16450
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2065
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A255