Heimdal: ftpd root escalation — GLSA 200409-19

Several bugs exist in the Heimdal ftp daemon which could allow a remote attacker to gain root privileges.

Affected Packages

app-crypt/heimdal on all architectures
Affected versions < 0.6.3
Unaffected versions >= 0.6.3

Background

Heimdal is an implementation of Kerberos 5.

Description

Przemyslaw Frasunek discovered several flaws in lukemftpd, which also apply to Heimdal ftpd's out-of-band signal handling code.

Additionally, a potential vulnerability that could lead to Denial of Service by the Key Distribution Center (KDC) has been fixed in this version.

Impact

A remote attacker could be able to run arbitrary code with escalated privileges, which can result in a total compromise of the server.

Workaround

There is no known workaround at this time.

Resolution

All Heimdal users should upgrade to the latest version:

 # emerge sync

 # emerge -pv ">=app-crypt/heimdal-0.6.3"
 # emerge ">=app-crypt/heimdal-0.6.3"

References

Release Date
September 16, 2004

Latest Revision
September 16, 2004: 01

Severity
high

Exploitable
remote

Bugzilla entries