Vulnerabilities > CVE-2009-1933 - Credentials Management vulnerability in SUN Opensolaris and Solaris
Attack vector: LOCAL
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: COMPLETE
Integrity impact: NONE
Availability impact: NONE
Summary
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS8_X86_140842.NASL description SunOS 5.8_x86: gssd patch. Date this patch was last updated by Sun : May/13/09 last seen 2016-09-26 modified 2011-09-18 plugin id 38775 published 2009-05-14 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=38775 title Solaris 8 (x86) : 140842-01 code
#%NASL_MIN_LEVEL 999999
# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.
#
# (C) Tenable Network Security, Inc.
#
#

# Patch-level check for Sun patch 140842-01 (gssd, SunOS 5.8_x86), the only
# patch this plugin ties to CVE-2009-1933.
#
# The plugin is disabled: the unconditional exit() that follows the
# registration block returns before the patch comparison, so this script
# reports nothing even on a host that lacks the patch. Coverage for this CVE
# on Solaris 8 x86 has to come from another check or from manual patch review.
# NOTE(review): the NASL_MIN_LEVEL value of 999999 above presumably also keeps
# any engine from loading the script - confirm against the scanner in use.

# Stop early when the engine does not provide bn_random().
# NOTE(review): presumably a guard against older engines - confirm.
if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 # Registration pass: declare the plugin metadata, then exit(0) so that no
 # host check runs while "description" is set.
 script_id(38775);
 script_version("1.7");

 script_name(english: "Solaris 8 (x86) : 140842-01");
 script_cve_id("CVE-2009-1933");
 script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 140842-01");
 script_set_attribute(attribute: "description", value: 'SunOS 5.8_x86: gssd patch. Date this patch was last updated by Sun : May/13/09');
 script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/140842-01");
 # CVSS v2 vector: local access, medium complexity, no authentication,
 # complete confidentiality impact, no integrity or availability impact.
 script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N");
 # CWE-255 is the credentials-management category.
 script_cwe_id(255);
 script_set_attribute(attribute:"plugin_publication_date", value: "2009/05/14");
 script_cvs_date("Date: 2018/08/13 14:32:38");
 script_end_attributes();

 script_summary(english: "Check for patch 140842-01");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);

 # The check depends on ssh_get_info.nasl and on the knowledge-base key
 # Host/Solaris/showrev.
 # NOTE(review): that key is presumably filled from an authenticated login,
 # so an uncredentialed scan would give no result for this host - confirm.
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}

# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

# Everything below is unreachable because of the exit() above; it is the
# patch comparison the plugin performed before it was disabled.
include("solaris.inc");

# NOTE(review): "e" is not assigned anywhere in the visible script before
# this "+="; the check presumably relied on an unset variable counting as 0.
e += solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"140842-01", obsoleted_by:"", package:"SUNWgss", version:"11.8.0,REV=2000.01.08.18.17");
if ( e < 0 ) {
 # A negative total is reported as a warning; engines at NASL_LEVEL 3000 or
 # above also attach the text returned by solaris_get_report().
 if ( NASL_LEVEL < 3000 )
  security_warning(0);
 else
  security_warning(port:0, extra:solaris_get_report());
 exit(0);
}
exit(0, "Host is not affected");
NASL family Solaris Local Security Checks NASL id SOLARIS9_112908.NASL description SunOS 5.9: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10 last seen 2020-06-01 modified 2020-06-02 plugin id 13520 published 2004-07-12 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13520 title Solaris 9 (sparc) : 112908-38 code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#

# Patch-level check for Sun patch 112908-38 (krb5, gss) on SunOS 5.9 sparc.
# The script raises one finding when any of the package checks below returns
# a negative value. That finding covers all nine CVEs registered in
# script_cve_id(), so it shows that the patch is missing, not that one
# particular CVE is exploitable on the host.
include("compat.inc");

if (description)
{
  # Registration pass: declare the plugin metadata, then exit(0) so that no
  # host check runs while "description" is set.
  script_id(13520);
  script_version("1.56");
  script_cvs_date("Date: 2019/10/25 13:36:26");

  # CVE-2009-1933 is one of nine CVEs tied to this patch.
  script_cve_id("CVE-2004-0523", "CVE-2004-0653", "CVE-2005-1689", "CVE-2006-6144", "CVE-2008-5690", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-1933", "CVE-2012-1683");

  script_name(english:"Solaris 9 (sparc) : 112908-38");
  script_summary(english:"Check for patch 112908-38");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote host is missing Sun Security Patch number 112908-38"
  );
  script_set_attribute(
    attribute:"description",
    value: "SunOS 5.9: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/112908-38"
  );
  script_set_attribute(
    attribute:"solution",
    value:"You should install this patch for your system to be up-to-date."
  );
  # NOTE(review): a single vector (network, low complexity, no
  # authentication, complete C/I/A impact) is declared for all nine CVEs. It
  # presumably reflects the most severe of them, so take the rating for
  # CVE-2009-1933 from that CVE's own record when prioritising.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(119, 255, 264, 287);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/09/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  # The check depends on ssh_get_info.nasl and on two knowledge-base keys.
  # NOTE(review): both keys are presumably filled from an authenticated
  # login, so an uncredentialed scan would give no result - confirm.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("solaris.inc");

# Hand over to audit() when local checks are not enabled for this host.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# One solaris_check_patch() call per package; a negative return value is
# counted in "flag".
# NOTE(review): "flag" is not assigned before the first "flag++" in the
# visible script; it presumably starts out as 0 - confirm.
# NOTE(review): the exact meaning of a negative return is defined in
# solaris.inc, which is not shown; the code below treats it as "patch
# missing for this package".
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcstlx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgssx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcstl", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcar", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcarx", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbux", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgss", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgsskx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgssk", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;

if (flag)
{
  # Any counted package produces a single finding; the text returned by
  # solaris_get_report() is attached only when report_verbosity is above 0.
  if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
  else security_hole(0);
  exit(0);
}
# No package was counted: the host is audited as not affected.
audit(AUDIT_HOST_NOT, "affected");
NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_115168.NASL description SunOS 5.9_x86: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10 last seen 2020-06-01 modified 2020-06-02 plugin id 13620 published 2004-07-12 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13620 title Solaris 9 (x86) : 115168-24 code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#

# Patch-level check for Sun patch 115168-24 (krb5, gss) on SunOS 5.9_x86.
# The script raises one finding when any of the package checks below returns
# a negative value. That finding covers all nine CVEs registered in
# script_cve_id(), so it shows that the patch is missing, not that one
# particular CVE is exploitable on the host.
include("compat.inc");

if (description)
{
  # Registration pass: declare the plugin metadata, then exit(0) so that no
  # host check runs while "description" is set.
  script_id(13620);
  script_version("1.46");
  script_cvs_date("Date: 2019/10/25 13:36:26");

  # CVE-2009-1933 is one of nine CVEs tied to this patch.
  script_cve_id("CVE-2004-0523", "CVE-2004-0653", "CVE-2005-1689", "CVE-2006-6144", "CVE-2008-5690", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-1933", "CVE-2012-1683");

  script_name(english:"Solaris 9 (x86) : 115168-24");
  script_summary(english:"Check for patch 115168-24");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote host is missing Sun Security Patch number 115168-24"
  );
  script_set_attribute(
    attribute:"description",
    value: "SunOS 5.9_x86: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/115168-24"
  );
  script_set_attribute(
    attribute:"solution",
    value:"You should install this patch for your system to be up-to-date."
  );
  # NOTE(review): a single vector (network, low complexity, no
  # authentication, complete C/I/A impact) is declared for all nine CVEs. It
  # presumably reflects the most severe of them, so take the rating for
  # CVE-2009-1933 from that CVE's own record when prioritising.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(119, 255, 264, 287);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/09/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  # The check depends on ssh_get_info.nasl and on two knowledge-base keys.
  # NOTE(review): both keys are presumably filled from an authenticated
  # login, so an uncredentialed scan would give no result - confirm.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("solaris.inc");

# Hand over to audit() when local checks are not enabled for this host.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# One solaris_check_patch() call per package; a negative return value is
# counted in "flag".
# NOTE(review): "flag" is not assigned before the first "flag++" in the
# visible script; it presumably starts out as 0 - confirm.
# NOTE(review): the exact meaning of a negative return is defined in
# solaris.inc, which is not shown; the code below treats it as "patch
# missing for this package".
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWcstl", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWkrbr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWkrbu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWgss", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWgssk", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;

if (flag)
{
  # Any counted package produces a single finding; the text returned by
  # solaris_get_report() is attached only when report_verbosity is above 0.
  if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
  else security_hole(0);
  exit(0);
}
# No package was counted: the host is audited as not affected.
audit(AUDIT_HOST_NOT, "affected");
NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_140130.NASL description SunOS 5.10_x86: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Aug/17/09 last seen 2018-09-02 modified 2018-08-13 plugin id 38785 published 2009-05-15 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=38785 title Solaris 10 (x86) : 140130-10 code
#%NASL_MIN_LEVEL 80502
# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.
#
# (C) Tenable Network Security, Inc.
#
#

# Registration stub for Sun patch 140130-10 (pam_krb5.so.1, SunOS 5.10_x86),
# which this plugin ties to CVE-2009-1933.
#
# The plugin is disabled and the visible script contains no patch comparison:
# outside the registration pass it only reaches the final exit(). It
# therefore never reports a finding, and coverage for this CVE on Solaris 10
# x86 has to come from another check or from manual patch review.

# Stop early when the engine does not provide bn_random().
# NOTE(review): presumably a guard against older engines - confirm.
if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 # Registration pass: declare the plugin metadata, then exit(0) so that
 # nothing else runs while "description" is set.
 script_id(38785);
 script_version("1.16");

 script_name(english: "Solaris 10 (x86) : 140130-10");
 script_cve_id("CVE-2009-1933");
 script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 140130-10");
 script_set_attribute(attribute: "description", value: 'SunOS 5.10_x86: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Aug/17/09');
 script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/140130-10");
 # CVSS v2 vector: local access, medium complexity, no authentication,
 # complete confidentiality impact, no integrity or availability impact.
 script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N");
 # CWE-255 is the credentials-management category.
 script_cwe_id(255);
 script_set_attribute(attribute:"plugin_publication_date", value: "2009/05/15");
 script_cvs_date("Date: 2019/10/25 13:36:25");
 script_end_attributes();

 script_summary(english: "Check for patch 140130-10");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);

 # The plugin declares a dependency on ssh_get_info.nasl and requires the
 # knowledge-base key Host/Solaris/showrev.
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}

# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");
NASL family Solaris Local Security Checks NASL id SOLARIS8_140841.NASL description SunOS 5.8: gssd patch. Date this patch was last updated by Sun : May/13/09 last seen 2016-09-26 modified 2011-09-18 plugin id 38774 published 2009-05-14 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=38774 title Solaris 8 (sparc) : 140841-01 NASL family Solaris Local Security Checks NASL id SOLARIS10_140074.NASL description SunOS 5.10: pam_krb5.so.1 patch. Date this patch was last updated by Sun : Aug/17/09 last seen 2018-09-01 modified 2018-08-13 plugin id 38781 published 2009-05-15 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=38781 title Solaris 10 (sparc) : 140074-09
References
- http://secunia.com/advisories/35341
- http://secunia.com/advisories/35414
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-140841-01-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-252787-1
- http://support.avaya.com/elmodocs2/security/ASA-2009-210.htm
- http://www.securityfocus.com/bid/35205
- http://www.vupen.com/english/advisories/2009/1499
- http://www.vupen.com/english/advisories/2009/1559