CVE-2008-3825

Name of the Vulnerable Software and Affected Versions pam krb5 versions 2.2.14 through 2.6.14 Red Hat Enterprise Linux (RHEL) 5 and earlier

Description The issue allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation can be carried out locally.

Recommendations For pam krb5 version 2.2.14, consider disabling the existing ticket option as a temporary workaround until a patch is available. For Red Hat Enterprise Linux (RHEL) 5 and earlier, restrict access to the su and sudo programs to minimize the risk of exploitation. Avoid using the KRB5CCNAME environment variable in the affected systems until the issue is resolved.