Gentoo Logo

Heimdal: rshd privilege escalation

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200603-14 / heimdal
Release Date March 17, 2006
Latest Revision March 17, 2006: 01
Impact normal
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
app-crypt/heimdal < 0.7.2 >= 0.7.2 All supported architectures

Related bugreports: #121839

Synopsis

An error in the rshd daemon of Heimdal could allow authenticated users to elevate privileges.

2.  Impact Information

Background

Heimdal is a free implementation of Kerberos 5.

Description

An unspecified privilege escalation vulnerability in the rshd server of Heimdal has been reported.

Impact

Authenticated users could exploit the vulnerability to escalate privileges or to change the ownership and content of arbitrary files.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All Heimdal users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/heimdal-0.7.2"

4.  References



Print

Page updated March 17, 2006

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.