CVE-2008-4313 Information
Description
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name which allows remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services.
Reference
http://osvdb.org/50277 http://secunia.com/advisories/32862 http://www.redhat.com/support/errata/RHSA-2008-1001.html http://www.securityfocus.com/bid/32460 http://www.securitytracker.com/id?1021283 https://admin.fedoraproject.org/updates/tog-pegasus-2.7.0-7.fc9 https://admin.fedoraproject.org/updates/tog-pegasus-2.7.1-3.fc10 https://bugzilla.redhat.com/show_bug.cgi?id=459217 https://exchange.xforce.ibmcloud.com/vulnerabilities/46829 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9556
Share on: