Heimdal: Multiple local privilege escalation vulnerabilities — GLSA 200608-21

Certain Heimdal components, ftpd and rcp, are vulnerable to a local privilege escalation.

Affected Packages

app-crypt/heimdal on all architectures
Affected versions < 0.7.2-r3
Unaffected versions >= 0.7.2-r3

Background

Heimdal is a free implementation of Kerberos 5.

Description

The ftpd and rcp applications provided by Heimdal fail to check the return value of calls to seteuid().

Impact

A local attacker could exploit this vulnerability to execute arbitrary code with elevated privileges.

Workaround

There is no known workaround at this time.

Resolution

All Heimdal users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-crypt/heimdal-0.7.2-r3"

References

Release Date
August 23, 2006

Latest Revision
August 23, 2006: 01

Severity
high

Exploitable
local

Bugzilla entries