CVE-2009-1384 - OpenCVE

pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Enterprise Linux
Eyrie	Pam-krb5

Configuration 1 [-]

AND

OR	cpe:2.3:o:redhat:enterprise_linux:5:::::::*
	cpe:2.3:o:redhat:enterprise_linux:5::client:::::
	cpe:2.3:o:redhat:enterprise_linux:5::client_workstation:::::
	cpe:2.3:o:redhat:enterprise_linux:5::server:::::

OR	cpe:2.3:a:eyrie:pam-krb5:2.2.14:::::::*
	cpe:2.3:a:eyrie:pam-krb5:2.3:::::::*
	cpe:2.3:a:eyrie:pam-krb5:2.3.4:::::::*

References

Link	Resource
http://osvdb.org/54791
http://secunia.com/advisories/35230
http://secunia.com/advisories/43314
http://www.mandriva.com/security/advisories?name=MDVSA-2010:054
http://www.openwall.com/lists/oss-security/2009/05/27/1
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securityfocus.com/bid/35112
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vupen.com/english/advisories/2009/1448
https://bugzilla.redhat.com/show_bug.cgi?id=502602	Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9652

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2009-05-28T20:14:00

Updated: 2018-10-10T18:57:01

Reserved: 2009-04-23T00:00:00

Link: CVE-2009-1384

JSON object: View

NVD Information

Status : Modified

Published: 2009-05-28T20:30:00.217

Modified: 2018-10-10T19:36:22.703

Link: CVE-2009-1384

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-05-27T00:00:00", "descriptions": [{"lang": "en", "value": "pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "35230", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35230"}, {"name": "oval:org.mitre.oval:def:9652", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9652"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502602"}, {"name": "43314", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43314"}, {"name": "[oss-security] 20090527 CVE assignment notification (pam_krb5 CVE-2009-1384)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2009/05/27/1"}, {"name": "oval:org.mitre.oval:def:7081", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7081"}, {"name": "MDVSA-2010:054", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:054"}, {"name": "54791", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54791"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"}, {"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"}, {"name": "ADV-2009-1448", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1448"}, {"name": "35112", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/35112"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-1384", "datePublished": "2009-05-28T20:14:00", "dateReserved": "2009-04-23T00:00:00", "dateUpdated": "2018-10-10T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "matchCriteriaId": "7361D8F0-FE84-41D0-9C62-F180339DD40A", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "matchCriteriaId": "5454336D-724E-4027-A642-1EFCB79C1ADC", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*", "matchCriteriaId": "5833A489-D6DE-4D51-9E74-189CBC2E28CA", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:eyrie:pam-krb5:2.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "D57B9A37-0003-4E3D-B0FE-9BEA46D26FF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:eyrie:pam-krb5:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "81821DD4-343A-4CDE-A7A6-CA606662971C", "vulnerable": true}, {"criteria": "cpe:2.3:a:eyrie:pam-krb5:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "F0F34ECE-67B4-4B0A-BB57-A0A8F666669C", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."}, {"lang": "es", "value": "pam_krb5 v2.2.14 a v2.3.4, tal como se usa Red Hat Enterprise Linux (RHEL) 5, genera diferentes peticiones de contrase\u00f1a dependiendo de si existe la cuenta de usuario, lo que permite a atacantes remotos enumerar los nombres de usuario v\u00e1lidos."}], "id": "CVE-2009-1384", "lastModified": "2018-10-10T19:36:22.703", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-05-28T20:30:00.217", "references": [{"source": "secalert@redhat.com", "url": "http://osvdb.org/54791"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35230"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/43314"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:054"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/05/27/1"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/35112"}, {"source": "secalert@redhat.com", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2009/1448"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502602"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7081"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9652"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "This issue did not affect the versions of the pam_krb5 packages, as shipped with Red Hat Enterprise Linux 3 and 4.\n\nThe issue was addressed in the pam_krb5 packages as shipped with Red Hat Enterprise Linux 5 via:\nhttps://rhn.redhat.com/errata/RHSA-2010-0258.html", "lastModified": "2010-03-31T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}