Red Hat Customer Portal

Skip to main content

CVE-2008-0003

Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360.

Details Source

Mitre

Public Date

2008-01-07 00:00:00

Impact

Critical

Bugzilla

CVE-2008-0003 tog-pegasus pam authentication buffer overflow

Bugzilla ID

426 578

CVSS Status

draft

Mitigation

The tog-pegasus package is not installed by default on Red Hat Enterprise Linux.

tog-pegasus supplied by Red Hat binds only to one port (as plain http is
disabled), port 5989. The default firewall installed by Red Hat Enterprise
Linux will block remote access to this port. In normal use it's unlikely you'd
want to have this port accessible outside of an intranet anyway, and it's likely
to be blocked by enterprise border firewalls.

However if tog-pegasus has been installed and unblocked through the fireware,
the Red Hat Security Response Team believes that it would still be hard to
remotely exploit this issue to execute arbitrary code due to the default SELinux
targeted policy on Enterprise Linux 4 and 5, and the SELinux memory protections
enabled by default on Enterprise Linux 5.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (tog-pegasus) RHSA-2008:0002 2008-01-07
Red Hat Enterprise Linux Extended Update Support 4.5 (tog-pegasus) RHSA-2008:0002 2008-01-07
Red Hat Enterprise Linux 5 (tog-pegasus) RHSA-2008:0002 2008-01-07

CWE

CWE-121