Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-3083

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges using attacks such as resource exhaustion.

Published

2006-08-09T10:04:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-399

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	heimdal	heimdal	0.7.2	Yes
Application	mit	kerberos_5	1.4	Yes
Application	mit	kerberos_5	1.4.1	Yes
Application	mit	kerberos_5	1.4.2	Yes
Application	mit	kerberos_5	1.4.3	Yes
Application	mit	kerberos_5	1.5	Yes

References

ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2-setuid-patch.txt ([email protected])
http://secunia.com/advisories/21402 Vendor Advisory ([email protected])
http://secunia.com/advisories/21423 Vendor Advisory ([email protected])
http://secunia.com/advisories/21436 Vendor Advisory ([email protected])
http://secunia.com/advisories/21439 Vendor Advisory ([email protected])
http://secunia.com/advisories/21441 Vendor Advisory ([email protected])
http://secunia.com/advisories/21456 Vendor Advisory ([email protected])
http://secunia.com/advisories/21461 Vendor Advisory ([email protected])
http://secunia.com/advisories/21467 Vendor Advisory ([email protected])
http://secunia.com/advisories/21527 Vendor Advisory ([email protected])
http://secunia.com/advisories/21613 Vendor Advisory ([email protected])
http://secunia.com/advisories/21847 Vendor Advisory ([email protected])
http://secunia.com/advisories/22291 Vendor Advisory ([email protected])
http://security.gentoo.org/glsa/glsa-200608-21.xml ([email protected])
http://securitytracker.com/id?1016664 ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2006-211.htm ([email protected])
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt Patch, Vendor Advisory ([email protected])
http://www.debian.org/security/2006/dsa-1146 ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml ([email protected])
http://www.kb.cert.org/vuls/id/580124 Patch, US Government Resource ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:139 ([email protected])
http://www.novell.com/linux/security/advisories/2006_20_sr.html ([email protected])
http://www.novell.com/linux/security/advisories/2006_22_sr.html ([email protected])
http://www.osvdb.org/27869 ([email protected])
http://www.osvdb.org/27870 ([email protected])
http://www.pdc.kth.se/heimdal/advisory/2006-08-08/ ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0612.html Patch, Vendor Advisory ([email protected])
http://www.securityfocus.com/archive/1/442599/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/443498/100/100/threaded ([email protected])
http://www.securityfocus.com/bid/19427 ([email protected])
http://www.ubuntu.com/usn/usn-334-1 ([email protected])
http://www.vupen.com/english/advisories/2006/3225 Vendor Advisory ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9515 ([email protected])
ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2-setuid-patch.txt (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21402 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21423 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21436 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21439 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21441 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21456 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21461 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21467 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21527 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21613 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21847 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22291 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200608-21.xml (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1016664 (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2006-211.htm (af854a3a-2127-422b-91ae-364da2661108)
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1146 (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/580124 Patch, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:139 (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_20_sr.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_22_sr.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/27869 (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/27870 (af854a3a-2127-422b-91ae-364da2661108)
http://www.pdc.kth.se/heimdal/advisory/2006-08-08/ (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0612.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/442599/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/443498/100/100/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/19427 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-334-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3225 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9515 (af854a3a-2127-422b-91ae-364da2661108)