CVE-2006-3084 Information

Description

The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5 and 1.4.x before 1.4.4 and (b) Heimdal 0.7.2 and earlier do not check return codes for setuid calls which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808 it is not known whether an exploitable attack scenario exists for these issues.

Reference

ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2-setuid-patch.txt http://fedoranews.org/cms/node/2376 http://secunia.com/advisories/21402 http://secunia.com/advisories/21436 http://secunia.com/advisories/21439 http://secunia.com/advisories/21461 http://secunia.com/advisories/21467 http://secunia.com/advisories/21527 http://secunia.com/advisories/21613 http://secunia.com/advisories/23707 http://security.gentoo.org/glsa/glsa-200608-21.xml http://securitytracker.com/id?1016664 http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt http://www.debian.org/security/2006/dsa-1146 http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml http://www.kb.cert.org/vuls/id/401660 http://www.novell.com/linux/security/advisories/2006_20_sr.html http://www.osvdb.org/27871 http://www.osvdb.org/27872 http://www.pdc.kth.se/heimdal/advisory/2006-08-08/ http://www.securityfocus.com/archive/1/442599/100/0/threaded http://www.securityfocus.com/archive/1/443498/100/100/threaded http://www.securityfocus.com/bid/19427 http://www.ubuntu.com/usn/usn-334-1 http://www.vupen.com/english/advisories/2006/3225