PT-2008-1069 · Red Hat

Published: 2008-11-25 · Updated: 2017-09-29 · CVE-2008-4313

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

tog-pegasus versions 2.7.0
tog-pegasus-devel versions 2.7.0

Description

The issue concerns multiple vulnerabilities in the tog-pegasus package, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. According to Mitre, a specific Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, allowing remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services.

Recommendations

For tog-pegasus version 2.7.0, apply the proper configuration of the PAM tty name to prevent bypassing of access restrictions. For tog-pegasus-devel version 2.7.0, ensure that all security patches are applied to prevent exploitation of the vulnerabilities. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2015-06573
BDU:2015-06574
BDU:2015-08464
BDU:2015-08465
CVE-2008-4313
RHSA-2008:1001
RHSA-2008_1001

Affected Products

Openpegasus Wbem
Red Hat
Tog-Pegasus