https://bugzilla.novell.com/show_bug.cgi?id=350537

Summary: tog-pegasus allows all users to access the CIMOM locally
Product: openSUSE 11.0
Version: unspecified
Platform: Other
OS/Version: Other
Status: NEW
Severity: Critical
Priority: P5 - None
Component: Basesystem
AssignedTo: mmarek@novell.com
ReportedBy: bwhiteley@novell.com
QAContact: qa@suse.de
CC: adanoyan@novell.com, jcarey@novell.com, jtariq@novell.com, npaxton@novell.com
Found By: ---

Any user can log into the CIMOM using Pegasus "Local" authentication even when /etc/Pegasus/access.conf says:

    -: ALL EXCEPT pegasus root:wbemLocal

Since providers run as root by default, this is a serious privilege escalation vulnerability.

"Local" authentication is a means of authentication where the cimserver writes a random string to a file, then changes the ownership and mode of the file so that only the person attempting to log in can read it. If the client reads the file and returns the contents of the file to the cimserver, the user is allowed to log into the cimserver. PAM is not used.

I suspect that /etc/Pegasus/access.conf is used only with PAM authentication, and is not being checked for Local authentication.
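The challenge flow and the missing access.conf check described in the report, as an added example that is not code from tog-pegasus or from the reporter. It assumes that access.conf follows pam_access(5) rule syntax ("permission : users : origins", first match wins, no match means allow), which the example parses minimally; the real cimserver also chowns the challenge file to the requesting user, which is omitted here (mode 0600 only) so the example runs unprivileged. Class and function names, the user names, and the access.conf contents are constructed for the example.

```python
"""Simulation of Pegasus-style "Local" authentication, once with the
behaviour the report describes (file access alone grants login) and once
with access.conf consulted for the wbemLocal origin.  Added example; the
pam_access-style parsing and all names are assumptions, not Pegasus code."""
import os
import secrets
import stat
import tempfile

# Constructed access.conf contents, copying the rule quoted in the report:
# deny every user except pegasus and root when the origin is wbemLocal.
ACCESS_CONF = "-: ALL EXCEPT pegasus root:wbemLocal\n"


def parse_access_conf(text):
    """Parse 'permission : users : origins' lines (pam_access style)."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        perm, users, origins = (f.strip() for f in line.split(":", 2))
        rules.append((perm == "+", users.split(), origins.split()))
    return rules


def _match(tokens, name):
    """Match name against a list that may contain ALL and an EXCEPT clause."""
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return _match(tokens[:i], name) and not _match(tokens[i + 1:], name)
    return "ALL" in tokens or name in tokens


def access_allowed(rules, user, origin):
    """First matching rule wins; no matching rule means allow (pam_access default)."""
    for allow, users, origins in rules:
        if _match(users, user) and _match(origins, origin):
            return allow
    return True


class LocalAuthServer:
    """Server side of the challenge: a random string written to a file that
    only the requesting user can read (here: mode 0600, no chown)."""

    def __init__(self, access_conf=ACCESS_CONF):
        self.rules = parse_access_conf(access_conf)
        self.pending = {}

    def challenge(self, user):
        fd, path = tempfile.mkstemp(prefix="cimclient_%s_" % user)
        os.fchmod(fd, stat.S_IRUSR | stat.S_IWUSR)
        with os.fdopen(fd, "w") as f:
            f.write(secrets.token_hex(16))
        self.pending[user] = path
        return path

    def _challenge_ok(self, user, response):
        path = self.pending.pop(user, None)
        if path is None:
            return False
        with open(path) as f:
            expected = f.read()
        os.unlink(path)
        return secrets.compare_digest(expected, response)

    def login_vulnerable(self, user, response):
        """Behaviour the report describes: proof of file access is enough."""
        return self._challenge_ok(user, response)

    def login_fixed(self, user, response):
        """Same challenge, but access.conf is consulted for origin wbemLocal."""
        if not self._challenge_ok(user, response):
            return False
        return access_allowed(self.rules, user, "wbemLocal")


def client_answer(path):
    """Client side: read the challenge file and send its contents back."""
    with open(path) as f:
        return f.read()


def demo(user, fixed):
    """Run one full exchange for `user`; returns whether login succeeded."""
    server = LocalAuthServer()
    answer = client_answer(server.challenge(user))
    if fixed:
        return server.login_fixed(user, answer)
    return server.login_vulnerable(user, answer)


if __name__ == "__main__":
    for u in ("alice", "root"):
        print(u, "vulnerable:", demo(u, False), "fixed:", demo(u, True))
```

With the quoted rule, an unprivileged user such as "alice" passes the challenge in both variants but is only admitted by the vulnerable path; "root" and "pegasus" are admitted by both. The origin string "wbemLocal" is taken from the rule in the report; whether Pegasus labels local connections exactly that way is not something this example verifies.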