VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.00232	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
epss	0.00232	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
epss	0.00232	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
epss	0.0025	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
epss	0.0025	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
epss	0.0025	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
epss	0.0025	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
epss	0.0025	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
epss	0.0025	https://api.first.org/data/v1/epss?cve=CVE-2009-0360
cvssv2	6.2	https://nvd.nist.gov/vuln/detail/CVE-2009-0360

System

Score

Found at

epss

0.00232

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

epss

0.00232

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

epss

0.00232

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

epss

0.0025

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

epss

0.0025

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

epss

0.0025

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

epss

0.0025

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

epss

0.0025

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

epss

0.0025

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

cvssv2

6.2

https://nvd.nist.gov/vuln/detail/CVE-2009-0360

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0360.json
		https://api.first.org/data/v1/epss?cve=CVE-2009-0360
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0360
		http://secunia.com/advisories/33914
		http://secunia.com/advisories/33917
		http://secunia.com/advisories/34260
		http://secunia.com/advisories/34449
		http://security.gentoo.org/glsa/glsa-200903-39.xml
		http://securitytracker.com/id?1021711
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5669
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5732
		http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1
		http://support.avaya.com/elmodocs2/security/ASA-2009-070.htm
		http://www.debian.org/security/2009/dsa-1721
		http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html
		http://www.securityfocus.com/archive/1/500892/100/0/threaded
		http://www.securityfocus.com/bid/33740
		http://www.ubuntu.com/usn/USN-719-1
		http://www.vupen.com/english/advisories/2009/0410
		http://www.vupen.com/english/advisories/2009/0426
		http://www.vupen.com/english/advisories/2009/0979
cpe:2.3:a:eyrie:pam-krb5::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5::::::::
cpe:2.3:a:eyrie:pam-krb5:2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.0:::::::*
cpe:2.3:a:eyrie:pam-krb5:2.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.1:::::::*
cpe:2.3:a:eyrie:pam-krb5:2.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.2:::::::*
cpe:2.3:a:eyrie:pam-krb5:2.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.3:::::::*
cpe:2.3:a:eyrie:pam-krb5:2.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.4:::::::*
cpe:2.3:a:eyrie:pam-krb5:2.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.5:::::::*
cpe:2.3:a:eyrie:pam-krb5:2.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.6:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.0:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.1:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.10:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.11:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.2:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.3:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.4:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.5:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.6:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.7:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.8:::::::*
cpe:2.3:a:eyrie:pam-krb5:3.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.9:::::::*
CVE-2009-0360		https://nvd.nist.gov/vuln/detail/CVE-2009-0360
GLSA-200903-39		https://security.gentoo.org/glsa/200903-39
GLSA-201412-08		https://security.gentoo.org/glsa/201412-08
OSVDB-54343;CVE-2009-0360	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/8303.c
USN-719-1		https://usn.ubuntu.com/719-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0360.json

https://api.first.org/data/v1/epss?cve=CVE-2009-0360

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0360

http://secunia.com/advisories/33914

http://secunia.com/advisories/33917

http://secunia.com/advisories/34260

http://secunia.com/advisories/34449

http://security.gentoo.org/glsa/glsa-200903-39.xml

http://securitytracker.com/id?1021711

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5669

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5732

http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1

http://support.avaya.com/elmodocs2/security/ASA-2009-070.htm

http://www.debian.org/security/2009/dsa-1721

http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html

http://www.securityfocus.com/archive/1/500892/100/0/threaded

http://www.securityfocus.com/bid/33740

http://www.ubuntu.com/usn/USN-719-1

http://www.vupen.com/english/advisories/2009/0410

http://www.vupen.com/english/advisories/2009/0426

http://www.vupen.com/english/advisories/2009/0979

cpe:2.3:a:eyrie:pam-krb5:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:*:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:2.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.0:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:2.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.1:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:2.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.2:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:2.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.3:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:2.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.4:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:2.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.5:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:2.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:2.6:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.0:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.1:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.10:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.11:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.11:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.2:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.3:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.4:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.5:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.6:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.7:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.8:*:*:*:*:*:*:*

cpe:2.3:a:eyrie:pam-krb5:3.9:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eyrie:pam-krb5:3.9:*:*:*:*:*:*:*

CVE-2009-0360

https://nvd.nist.gov/vuln/detail/CVE-2009-0360

GLSA-200903-39

https://security.gentoo.org/glsa/200903-39

GLSA-201412-08

https://security.gentoo.org/glsa/201412-08

OSVDB-54343;CVE-2009-0360

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/8303.c

USN-719-1

https://usn.ubuntu.com/719-1/

Data source	Exploit-DB
Date added	March 28, 2009
Description	pam-krb5 < 3.13 - Local Privilege Escalation
Ransomware campaign use	Known
Source publication date	March 29, 2009
Exploit type	local
Platform	linux

Exploit-DB

March 28, 2009

pam-krb5 < 3.13 - Local Privilege Escalation

Known

March 29, 2009

local

linux

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:01:47.318221+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/200903-39	38.0.0

2026-04-01T13:01:47.318221+00:00

Gentoo Importer

Import

https://security.gentoo.org/glsa/200903-39

38.0.0

Vulnerability ID	VCID-xunm-5yje-hqdk
Aliases	CVE-2009-0360
Summary	Two vulnerabilities in pam_krb5 might allow local users to elevate their privileges or overwrite arbitrary files.
Status	Published
Exploitability	2.0
Weighted Severity	5.6
Risk	10.0
Affected and Fixed Packages	Package Details

Percentile	0.4601
EPSS Score	0.00232
Published At	April 1, 2026, 12:55 p.m.