Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3083

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-3083
Last Modified 18 Jul 2011 12:00:00
Published 09 Aug 2006 06:04:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-3083

Summary

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges using attacks such as resource exhaustion.

Vulnerable Systems

Application

  • Heimdal 0.7.2

  • Mit Kerberos 5-1.4

  • Mit Kerberos 5-1.4.1

  • Mit Kerberos 5-1.4.2

  • Mit Kerberos 5-1.4.3

  • Mit Kerberos 5-1.5


References

CERT-VN - VU#580124

REDHAT - RHSA-2006:0612

CONFIRM - http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt

VUPEN - ADV-2006-3225

UBUNTU - USN-334-1

BID - 19427

BUGTRAQ - 20060816 UPDATED: MITKRB5-SA-2006-001: multiple local privilege escalation vulnerabilities

BUGTRAQ - 20060808 MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities

CONFIRM - http://www.pdc.kth.se/heimdal/advisory/2006-08-08/

OSVDB - 27870

OSVDB - 27869

SUSE - SUSE-SR:2006:022

SUSE - SUSE-SR:2006:020

MANDRIVA - MDKSA-2006:139

GENTOO - GLSA-200608-15

DEBIAN - DSA-1146

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-211.htm

SECTRACK - 1016664

GENTOO - GLSA-200608-21

SECUNIA - 22291

SECUNIA - 21847

SECUNIA - 21613

SECUNIA - 21527

SECUNIA - 21467

SECUNIA - 21461

SECUNIA - 21456

SECUNIA - 21441

SECUNIA - 21439

SECUNIA - 21436

SECUNIA - 21423

SECUNIA - 21402

CONFIRM - ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2-setuid-patch.txt


Last Updated: 27 May 2016 10:42:52