Privilege Escalation in GNU Coreutils by Improper PAM Configuration
CVE-2008-1946
Currently unrated
Summary
The default PAM (Pluggable Authentication Modules) configuration for the 'su' command in GNU Coreutils 5.2.1 allows local users to impersonate locked or expired accounts simply by entering the account name on the command line. The misconfiguration stems from improper use of the pam_succeed_if.so module and can lead to unauthorized privilege escalation and potential security breaches. Users should review their PAM configurations to mitigate this risk.
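One way to carry out the review recommended above is sketched below. It is an added example, not code from the advisory or from coreutils. It flags, for manual review, any `account` rule where pam_succeed_if.so uses a control that ends the stack on success while later account rules (where expiry is usually enforced) would be skipped. The exact faulty line is not given on this page, so both sample configurations and the function names are constructed assumptions.

```python
import re

RULE = re.compile(r"(-?\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)")

def parse_pam(text):
    """Return (lineno, type, control, module, args) for each rule line."""
    rules = []
    for n, raw in enumerate(text.splitlines(), 1):
        m = RULE.match(raw.split("#", 1)[0].strip())  # drop comments
        if m:
            rules.append((n, m.group(1).lstrip("-").lower(), m.group(2).lower(),
                          m.group(3), m.group(4).strip()))
    return rules

def ends_stack_on_success(control):
    # "sufficient" and "[success=done ...]" both stop processing on success
    # (provided no earlier required rule has failed).
    return control == "sufficient" or "success=done" in control

def audit_account_stack(text):
    """Flag pam_succeed_if.so account rules that can skip later account checks."""
    account = [r for r in parse_pam(text) if r[1] == "account"]
    findings = []
    for i, (n, _type, control, module, args) in enumerate(account):
        later = [r[3] for r in account[i + 1:]]
        if (module.endswith("pam_succeed_if.so")
                and ends_stack_on_success(control) and later):
            findings.append({"line": n, "condition": args, "skipped": later})
    return findings

# Constructed sample, not the file shipped with coreutils 5.2.1.
SAMPLE_FLAGGED = """\
#%PAM-1.0
auth       sufficient   pam_rootok.so
auth       include      system-auth
account    sufficient   pam_succeed_if.so uid >= 500 quiet
account    required     pam_unix.so
session    include      system-auth
"""
# Constructed sample with no early exit in the account stack.
SAMPLE_CLEAN = """\
#%PAM-1.0
auth       include      system-auth
account    required     pam_unix.so
session    include      system-auth
"""

if __name__ == "__main__":
    for name, cfg in (("flagged", SAMPLE_FLAGGED), ("clean", SAMPLE_CLEAN)):
        print(name, audit_account_stack(cfg))
```

A finding is a prompt to read the condition, not a verdict: a narrowly scoped condition can be intentional, while a broad one lets matching users bypass every account rule listed under `skipped`.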
References
Timeline
Vulnerability published
Vulnerability Reserved