CVE-2006-3084

MIT Kerberos <1.5/Heimdal <0.7.2 - Privilege Escalation

Title source: llm

Description

The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808, it is not known whether an exploitable attack scenario exists for these issues.

References (25)

Core 25

Core References

Mailing List vendor-advisory x_refsource_fedora

http://fedoranews.org/cms/node/2376

Various Sources x_refsource_confirm

http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2006_20_sr.html

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/401660

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200608-21.xml

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21461

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21467

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/27872

Various Sources x_refsource_confirm

ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2-setuid-patch.txt

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2006/dsa-1146

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21436

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/3225

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21527

Vendor Advisory x_refsource_confirm

http://www.pdc.kth.se/heimdal/advisory/2006-08-08/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/442599/100/0/threaded

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23707

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21439

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21402

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/443498/100/100/threaded

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21613

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016664

Third Party Advisory vendor-advisory x_refsource_gentoo

http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/27871

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-334-1

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/19427

Scores

EPSS 0.0041

EPSS Percentile 61.3%

Details

CWE

CWE-264

Status published

Products (6)

heimdal/heimdal < 0.7.2

mit/kerberos_5 1.4

mit/kerberos_5 1.4.1

mit/kerberos_5 1.4.2

mit/kerberos_5 1.4.3

mit/kerberos_5 1.5

Published Aug 09, 2006

Tracked Since Feb 18, 2026