CVE-2008-5690 - Credentials Management vulnerability in SUN Opensolaris and Solaris
Attack vector | UNKNOWN
Attack complexity | UNKNOWN
Privileges required | UNKNOWN
Confidentiality impact | UNKNOWN
Integrity impact | UNKNOWN
Availability impact | UNKNOWN
Summary
The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Solaris Local Security Checks
NASL id | SOLARIS8_X86_109806.NASL
description | SunOS 5.8_x86: /usr/lib/security/pam_krb5.. Date this patch was last updated by Sun : Dec/09/08
last seen | 2016-09-26
modified | 2011-10-24
plugin id | 13436
published | 2004-07-12
reporter | Tenable
source | https://www.tenable.com/plugins/index.php?view=single&id=13436
title | Solaris 8 (x86) : 109806-19
code |

```
#%NASL_MIN_LEVEL 999999

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/10/24.
#

#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(13436);
 script_version("1.22");
 script_name(english: "Solaris 8 (x86) : 109806-19");
 script_cve_id("CVE-2008-5690");
 script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 109806-19");
 script_set_attribute(attribute: "description", value: 'SunOS 5.8_x86: /usr/lib/security/pam_krb5.. Date this patch was last updated by Sun : Dec/09/08');
 script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value: "http://download.oracle.com/sunalerts/1019733.1.html");
 script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
 script_cwe_id(255);
 script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/12");
 script_cvs_date("Date: 2018/08/13 14:32:38");
 script_end_attributes();

 script_summary(english: "Check for patch 109806-19");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);

 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}

# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

include("solaris.inc");

e += solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"109806-19", obsoleted_by:"112238-15 ", package:"SUNWcsl", version:"11.8.0,REV=2000.01.08.18.17");
e += solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"109806-19", obsoleted_by:"112238-15 ", package:"SUNWcsu", version:"11.8.0,REV=2000.01.08.18.17");
if ( e < 0 ) {
 if ( NASL_LEVEL < 3000 )
  security_warning(0);
 else
  security_warning(port:0, extra:solaris_get_report());
 exit(0);
}
exit(0, "Host is not affected");
```
NASL family | Solaris Local Security Checks
NASL id | SOLARIS9_112908.NASL
description | SunOS 5.9: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 13520
published | 2004-07-12
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source | https://www.tenable.com/plugins/nessus/13520
title | Solaris 9 (sparc) : 112908-38
code |

```
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include("compat.inc");

if (description)
{
  script_id(13520);
  script_version("1.56");
  script_cvs_date("Date: 2019/10/25 13:36:26");

  script_cve_id("CVE-2004-0523", "CVE-2004-0653", "CVE-2005-1689", "CVE-2006-6144", "CVE-2008-5690", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-1933", "CVE-2012-1683");

  script_name(english:"Solaris 9 (sparc) : 112908-38");
  script_summary(english:"Check for patch 112908-38");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote host is missing Sun Security Patch number 112908-38"
  );
  script_set_attribute(
    attribute:"description",
    value:
"SunOS 5.9: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/112908-38"
  );
  script_set_attribute(
    attribute:"solution",
    value:"You should install this patch for your system to be up-to-date."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(119, 255, 264, 287);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/09/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("solaris.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcstlx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgssx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcstl", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcar", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcarx", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbux", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgss", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgsskx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgssk", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
  else security_hole(0);
  exit(0);
}
audit(AUDIT_HOST_NOT, "affected");
```
NASL family | Solaris Local Security Checks
NASL id | SOLARIS10_139478-01.NASL
description | SunOS 5.10: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Dec/09/08
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 107515
published | 2018-03-12
reporter | This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source | https://www.tenable.com/plugins/nessus/107515
title | Solaris 10 (sparc) : 139478-01
code |

```
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include("compat.inc");

if (description)
{
  script_id(107515);
  script_version("1.6");
  script_cvs_date("Date: 2019/10/25 13:36:24");

  script_cve_id("CVE-2008-5690");

  script_name(english:"Solaris 10 (sparc) : 139478-01");
  script_summary(english:"Check for patch 139478-01");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote host is missing Sun Security Patch number 139478-01"
  );
  script_set_attribute(
    attribute:"description",
    value:
"SunOS 5.10: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Dec/09/08"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://download.oracle.com/sunalerts/1019733.1.html"
  );
  script_set_attribute(attribute:"solution", value:"Install patch 139478-01");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P");
  script_cwe_id(255);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:139478");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/12/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");

showrev = get_kb_item("Host/Solaris/showrev");
if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
full_ver = os_ver[1];
os_level = os_ver[2];
if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
package_arch = package_arch[1];
if (package_arch != "sparc") audit(AUDIT_ARCH_NOT, "sparc", package_arch);
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"139478-01", obsoleted_by:"140074-05 143561-05 141500-03 144500-19 138371-03 ", package:"SUNWkrbu", version:"11.10.0,REV=2005.01.21.15.53") < 0) flag++;

if (flag)
{
  security_report_v4(
    port : 0,
    severity : SECURITY_NOTE,
    extra : solaris_get_report()
  );
}
else
{
  patch_fix = solaris_patch_fix_get();
  if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
  tested = solaris_pkg_tests_get();
  if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWkrbu");
}
```
NASL family | Solaris Local Security Checks
NASL id | SOLARIS10_139478.NASL
description | SunOS 5.10: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Dec/09/08
last seen | 2018-09-01
modified | 2018-08-13
plugin id | 36814
published | 2009-04-23
reporter | Tenable
source | https://www.tenable.com/plugins/index.php?view=single&id=36814
title | Solaris 10 (sparc) : 139478-01
code |

```
#%NASL_MIN_LEVEL 80502

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/10/24.
#

#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(36814);
 script_version("1.16");
 script_name(english: "Solaris 10 (sparc) : 139478-01");
 script_cve_id("CVE-2008-5690");
 script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 139478-01");
 script_set_attribute(attribute: "description", value: 'SunOS 5.10: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Dec/09/08');
 script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value: "http://download.oracle.com/sunalerts/1019733.1.html");
 script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
 script_cwe_id(255);
 script_set_attribute(attribute:"plugin_publication_date", value: "2009/04/23");
 script_cvs_date("Date: 2019/10/25 13:36:25");
 script_end_attributes();

 script_summary(english: "Check for patch 139478-01");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);

 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}

# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");
```
NASL family | Solaris Local Security Checks
NASL id | SOLARIS9_X86_115168.NASL
description | SunOS 5.9_x86: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 13620
published | 2004-07-12
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source | https://www.tenable.com/plugins/nessus/13620
title | Solaris 9 (x86) : 115168-24
code |

```
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include("compat.inc");

if (description)
{
  script_id(13620);
  script_version("1.46");
  script_cvs_date("Date: 2019/10/25 13:36:26");

  script_cve_id("CVE-2004-0523", "CVE-2004-0653", "CVE-2005-1689", "CVE-2006-6144", "CVE-2008-5690", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-1933", "CVE-2012-1683");

  script_name(english:"Solaris 9 (x86) : 115168-24");
  script_summary(english:"Check for patch 115168-24");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote host is missing Sun Security Patch number 115168-24"
  );
  script_set_attribute(
    attribute:"description",
    value:
"SunOS 5.9_x86: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/115168-24"
  );
  script_set_attribute(
    attribute:"solution",
    value:"You should install this patch for your system to be up-to-date."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(119, 255, 264, 287);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/09/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("solaris.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWcstl", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWkrbr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWkrbu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWgss", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWgssk", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
  else security_hole(0);
  exit(0);
}
audit(AUDIT_HOST_NOT, "affected");
```
NASL family | Solaris Local Security Checks
NASL id | SOLARIS10_X86_139479.NASL
description | SunOS 5.10_x86: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Dec/09/08
last seen | 2018-09-02
modified | 2018-08-13
plugin id | 37287
published | 2009-04-23
reporter | Tenable
source | https://www.tenable.com/plugins/index.php?view=single&id=37287
title | Solaris 10 (x86) : 139479-01

NASL family | Solaris Local Security Checks
NASL id | SOLARIS8_109805.NASL
description | SunOS 5.8: /usr/lib/security/pam_krb5.so.1. Date this patch was last updated by Sun : Dec/09/08
last seen | 2016-09-26
modified | 2011-10-24
plugin id | 13329
published | 2004-07-12
reporter | Tenable
source | https://www.tenable.com/plugins/index.php?view=single&id=13329
title | Solaris 8 (sparc) : 109805-19

NASL family | Solaris Local Security Checks
NASL id | SOLARIS10_X86_139479-01.NASL
description | SunOS 5.10_x86: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Dec/09/08
last seen | 2020-06-01
modified | 2020-06-02
plugin id | 108012
published | 2018-03-12
reporter | This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source | https://www.tenable.com/plugins/nessus/108012
title | Solaris 10 (x86) : 139479-01
Oval
accepted | 2009-02-16T04:00:21.959-05:00
class | vulnerability
contributors |
definition_extensions |
description | The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5.
family | unix
id | oval:org.mitre.oval:def:5792
status | accepted
submitted | 2009-01-05T16:39:26.000-05:00
title | A Security Vulnerability in the Management of Solaris Kerberos (see kerberos(5)) may Lead to a User Denial of Service (DoS) Attack
version | 36
References
- http://secunia.com/advisories/33042
- http://secunia.com/advisories/33313
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-112908-33-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-244866-1
- http://support.avaya.com/elmodocs2/security/ASA-2008-515.htm
- http://www.securityfocus.com/bid/32793
- http://www.securitytracker.com/id?1021390
- http://www.vupen.com/english/advisories/2008/3428
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47291
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5792