Privilege escalation vulnerabilities in MIT krb5 krshd and v4rcp may allow an authenticated attacker to execute arbitrary code.
The MIT krb 5 krshd and v4rcp programs contain multiple privilege escalation vulnerabilities. MIT krb5 Security Advisory 2006-001 states that the vulnerabilities "...result when the OS implementations of setuid() or seteuid() can fail due to resource exhaustion when changing to an unprivileged user ID."
From MIT krb5 Security Advisory 2006-001:
An authenticated, remote attacker may be able to execute arbitrary code with root privileges.
Apply a patch or upgradeFrom MIT krb5 Security Advisory 2006-001: "The upcoming krb5-1.5.1 and krb5-1.4.4 releases will include fixes for these vulnerabilities." MIT has also released patches for krb 5-1.5 and krb5-1.4.3. See the Systems Affected section of this document for information about specific vendors.
Gentoo Linux Affected
IBM Corporation Affected
MIT Kerberos Development Team Affected
Apple Computer, Inc. Not Affected
AttachmateWRQ, Inc. Not Affected
Juniper Networks, Inc. Not Affected
Conectiva Inc. Unknown
Cray Inc. Unknown
CyberSafe, Inc. Unknown
Debian GNU/Linux Unknown
Engarde Secure Linux Unknown
F5 Networks, Inc. Unknown
Fedora Project Unknown
FreeBSD, Inc. Unknown
Heimdal Kerberos Project Unknown
Hewlett-Packard Company Unknown
IBM Corporation (zseries) Unknown
IBM eServer Unknown
Immunix Communications, Inc. Unknown
Ingrian Networks, Inc. Unknown
KTH Kerberos Team Unknown
Mandriva, Inc. Unknown
Microsoft Corporation Unknown
MontaVista Software, Inc. Unknown
NEC Corporation Unknown
Novell, Inc. Unknown
Openwall GNU/*/Linux Unknown
QNX, Software Systems, Inc. Unknown
Red Hat, Inc. Unknown
SUSE Linux Unknown
Silicon Graphics, Inc. Unknown
Slackware Linux Inc. Unknown
Sony Corporation Unknown
Sun Microsystems, Inc. Unknown
The SCO Group Unknown
Trustix Secure Linux Unknown
Wind River Systems, Inc. Unknown
These vulnerabilities were reported by the MIT Kerberos Development Team.
This document was written by Ryan Giobbi and Art Manion.
|Date First Published:||2006-08-08|
|Date Last Updated:||2006-08-24 20:07 UTC|