Red Hat Customer Portal

Skip to main content

CVE-2007-5360

Impact:
Critical
Public Date:
2008-01-08
Bugzilla:
426568: CVE-2007-5360 tog-pegasus pam authentication buffer overflow

The MITRE CVE dictionary describes this issue as:

Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDALONE_PROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers to execute arbitrary code via vectors related to PAM authentication, a different vulnerability than CVE-2008-0003.

Find out more about CVE-2007-5360 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not vulnerable. This issue did not affect versions of tog-pegasus as shipped with Red Hat Enterprise Linux 4, or 5. For more details see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-5360