CVE-2006-3083

Properties

Published:
08.08.2006
Updated:
30.03.2007
Patch available:
Severity:
High
CVSS vector:
(AV:L/AC:L/Au:NR/C:C/I:C/A:C/B:N)
Product:
MIT: Kerberos 5
MIT: Kerberos 5
MIT: Kerberos 5
MIT: Kerberos 5
MIT: Kerberos 5

Vulnerability description

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges using attacks such as resource exhaustion.

References:

http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt: http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt
CERT-VN: http://www.kb.cert.org/vuls/id/580124
REDHAT: http://www.redhat.com/support/errata/RHSA-2006-0612.html
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/442599/100/0/threaded
DEBIAN: http://www.debian.org/security/2006/dsa-1146
GENTOO: http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml
MANDRIVA: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:139
UBUNTU: http://www.ubuntu.com/usn/usn-334-1
BID: http://www.securityfocus.com/bid/19427
FRSIRT: http://www.frsirt.com/english/advisories/2006/3225
SECTRACK: http://securitytracker.com/id?1016664
SECUNIA: http://secunia.com/advisories/21423
SECUNIA: http://secunia.com/advisories/21439
SECUNIA: http://secunia.com/advisories/21461
SECUNIA: http://secunia.com/advisories/21402
SECUNIA: http://secunia.com/advisories/21441
SECUNIA: http://secunia.com/advisories/21456
SECUNIA: http://secunia.com/advisories/21527
SUSE: http://www.novell.com/linux/security/advisories/2006_20_sr.html
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/443498/100/100/threaded
GENTOO: http://security.gentoo.org/glsa/glsa-200608-21.xml
SUSE: http://www.novell.com/linux/security/advisories/2006_22_sr.html
http://support.avaya.com/elmodocs2/security/ASA-2006-211.htm: http://support.avaya.com/elmodocs2/security/ASA-2006-211.htm
SECUNIA: http://secunia.com/advisories/22291
SECUNIA: http://secunia.com/advisories/21847
ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2-setuid-patch.txt: ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2-setuid-patch.txt
http://www.pdc.kth.se/heimdal/advisory/2006-08-08/: http://www.pdc.kth.se/heimdal/advisory/2006-08-08/
OSVDB: http://www.osvdb.org/27869
OSVDB: http://www.osvdb.org/27870
SECUNIA: http://secunia.com/advisories/21436
SECUNIA: http://secunia.com/advisories/21613
SECUNIA: http://secunia.com/advisories/21467