CVE-2008-4313

N/A Unknown

Published: November 27, 2008 Modified: April 23, 2026

Description

A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/50277

Source: secalert@redhat.com

http://secunia.com/advisories/32862

Source: secalert@redhat.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2008-1001.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/32460

Source: secalert@redhat.com

http://www.securitytracker.com/id?1021283

Source: secalert@redhat.com

https://admin.fedoraproject.org/updates/tog-pegasus-2.7.0-7.fc9

Source: secalert@redhat.com

https://admin.fedoraproject.org/updates/tog-pegasus-2.7.1-3.fc10

Source: secalert@redhat.com

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=459217

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/46829

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9556

Source: secalert@redhat.com

http://osvdb.org/50277