CVE-2006-3084
First published: Wed Aug 09 2006(Updated: )
The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808, it is not known whether an exploitable attack scenario exists for these issues.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Heimdal | <=0.7.2 | |
| MIT Kerberos 5 | =1.4 | |
| MIT Kerberos 5 | =1.4.1 | |
| MIT Kerberos 5 | =1.4.2 | |
| MIT Kerberos 5 | =1.4.3 | |
| MIT Kerberos 5 | =1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt
- http://www.kb.cert.org/vuls/id/401660
- http://www.debian.org/security/2006/dsa-1146
- http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml
- http://www.ubuntu.com/usn/usn-334-1
- http://www.securityfocus.com/bid/19427
- http://securitytracker.com/id?1016664
- http://secunia.com/advisories/21439
- http://secunia.com/advisories/21461
- http://secunia.com/advisories/21402
- http://secunia.com/advisories/21527
- http://www.novell.com/linux/security/advisories/2006_20_sr.html
- http://security.gentoo.org/glsa/glsa-200608-21.xml
- http://fedoranews.org/cms/node/2376
- http://secunia.com/advisories/23707
- http://www.pdc.kth.se/heimdal/advisory/2006-08-08/
- http://www.osvdb.org/27871
- http://www.osvdb.org/27872
- http://secunia.com/advisories/21436
- http://secunia.com/advisories/21613
- http://secunia.com/advisories/21467
- http://www.vupen.com/english/advisories/2006/3225
- http://www.securityfocus.com/archive/1/443498/100/100/threaded
- http://www.securityfocus.com/archive/1/442599/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-3084?
CVE-2006-3084 has medium severity due to the potential for local privilege escalation.
How do I fix CVE-2006-3084?
To fix CVE-2006-3084, update to a secure version of MIT Kerberos 5 or Heimdal that addresses the setuid return code check issue.
Which versions are affected by CVE-2006-3084?
CVE-2006-3084 affects MIT Kerberos 5 versions up to 1.5 and Heimdal versions up to 0.7.2.
What programs are associated with CVE-2006-3084?
The programs associated with CVE-2006-3084 are ftpd and ksu.
Can CVE-2006-3084 be exploited remotely?
CVE-2006-3084 is a local vulnerability, meaning it requires local user access to exploit.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/heimdal
- product/heimdal
- canonical/heimdal heimdal
- vendor/mit
- product/kerberos 5
- canonical/mit kerberos 5
- canonical/heimdal
- version/heimdal/0.7.2
- version/mit kerberos 5/1.4
- version/mit kerberos 5/1.4.1
- version/mit kerberos 5/1.4.2
- version/mit kerberos 5/1.4.3
- version/mit kerberos 5/1.5