CVE-2006-7108 - OpenCVE

login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Andries Brouwer	Util-linux

Configuration 1 [-]

cpe:2.3:a:andries_brouwer:util-linux:2.12a:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/25098	Vendor Advisory
http://secunia.com/advisories/25530	Vendor Advisory
http://secunia.com/advisories/25692	Vendor Advisory
http://secunia.com/advisories/25935	Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-252.htm
http://www.mandriva.com/security/advisories?name=MDKSA-2007:111
http://www.redhat.com/support/errata/RHSA-2007-0235.html
http://www.securityfocus.com/bid/24321
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177331
https://issues.rpath.com/browse/RPL-1359
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9689

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-04T22:00:00

Updated: 2017-10-10T00:57:01

Reserved: 2007-03-04T00:00:00

Link: CVE-2006-7108

JSON object: View

NVD Information

Status : Modified

Published: 2007-03-04T22:19:00.000

Modified: 2017-10-11T01:31:29.347

Link: CVE-2006-7108

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-08-18T00:00:00", "descriptions": [{"lang": "en", "value": "login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "25098", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25098"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-1359"}, {"name": "25935", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25935"}, {"name": "24321", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24321"}, {"name": "RHSA-2007:0235", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0235.html"}, {"name": "MDKSA-2007:111", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:111"}, {"name": "25692", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25692"}, {"name": "25530", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25530"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-252.htm"}, {"name": "oval:org.mitre.oval:def:9689", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9689"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177331"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-7108", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "25098", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25098"}, {"name": "https://issues.rpath.com/browse/RPL-1359", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1359"}, {"name": "25935", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25935"}, {"name": "24321", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24321"}, {"name": "RHSA-2007:0235", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0235.html"}, {"name": "MDKSA-2007:111", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:111"}, {"name": "25692", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25692"}, {"name": "25530", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25530"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-252.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-252.htm"}, {"name": "oval:org.mitre.oval:def:9689", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9689"}, {"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177331", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177331"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-7108", "datePublished": "2007-03-04T22:00:00", "dateReserved": "2007-03-04T00:00:00", "dateUpdated": "2017-10-10T00:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:andries_brouwer:util-linux:2.12a:*:*:*:*:*:*:*", "matchCriteriaId": "E5A0D9EB-8FB6-41EB-9ED2-94B5C397430B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok."}, {"lang": "es", "value": "la entrada en util-linux-2.12a se salta pam_acct_mgmt y chauth_tok cuando la validaci\u00f3n es saltada, por ejemplo cuando se ha establecido una sesi\u00f3n del krlogin del Kerberos, lo cual podr\u00eda permitir a usuarios evitar las pol\u00edticas previstas de acceso que estar\u00edan forzadas por el pam_acct_mgmt y el chauth_tok."}], "id": "CVE-2006-7108", "lastModified": "2017-10-11T01:31:29.347", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 2.7, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-04T22:19:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25098"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25530"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25692"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25935"}, {"source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-252.htm"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:111"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2007-0235.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24321"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177331"}, {"source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-1359"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9689"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.\n\nThis flaw has been rated as having a low severity by the Red Hat Security Response Team. More information about this rating can be found here:\nhttp://www.redhat.com/security/updates/classification/\n\nThis flaw is currently being tracked via the following bugs:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=231449\nhttps://bugzilla.redhat.com/show_bug.cgi?id=231448\n\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 and 3 which are in maintenance mode.\n", "lastModified": "2007-09-07T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}