Gentoo Logo

Heimdal: rshd privilege escalation


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200603-14 / heimdal
Release Date March 17, 2006
Latest Revision March 17, 2006: 01
Impact normal
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
app-crypt/heimdal < 0.7.2 >= 0.7.2 All supported architectures

Related bugreports: #121839


An error in the rshd daemon of Heimdal could allow authenticated users to elevate privileges.

2.  Impact Information


Heimdal is a free implementation of Kerberos 5.


An unspecified privilege escalation vulnerability in the rshd server of Heimdal has been reported.


Authenticated users could exploit the vulnerability to escalate privileges or to change the ownership and content of arbitrary files.

3.  Resolution Information


There is no known workaround at this time.


All Heimdal users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/heimdal-0.7.2"

4.  References


Page updated March 17, 2006

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.