GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Fri Mar 17, 2006 7:26 pm Post subject: [ GLSA 200603-14 ] Heimdal: rshd privilege escalation |
|
|
Gentoo Linux Security Advisory
Title: Heimdal: rshd privilege escalation (GLSA 200603-14)
Severity: normal
Exploitable: remote
Date: March 17, 2006
Bug(s): #121839
ID: 200603-14
Synopsis
An error in the rshd daemon of Heimdal could allow authenticated users to
elevate privileges.
Background
Heimdal is a free implementation of Kerberos 5.
Affected Packages
Package: app-crypt/heimdal
Vulnerable: < 0.7.2
Unaffected: >= 0.7.2
Architectures: All supported architectures
Description
An unspecified privilege escalation vulnerability in the rshd
server of Heimdal has been reported.
Impact
Authenticated users could exploit the vulnerability to escalate
privileges or to change the ownership and content of arbitrary files.
Workaround
There is no known workaround at this time.
Resolution
All Heimdal users should upgrade to the latest version:
Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/heimdal-0.7.2" |
References
CVE-2006-0582
Heimdal Advisory 2006-02-06
Last edited by GLSA on Fri Feb 28, 2014 4:22 am; edited 7 times in total |
|