|
|
Subscribe / Log in / New account

krb5: unauthorized root privileges

Package(s):krb5 CVE #(s):CAN-2004-0523
Created:June 3, 2004 Updated:June 29, 2004
Description: Multiple buffer overflows exist in the krb5_aname_to_localname() library function that if exploited could lead to unauthorized root privileges. In order to exploit this flaw, an attacker must first successfully authenticate to a vulnerable service, which must be configured to enable the explicit mapping or rules-based mapping functionality of krb5_aname_to_localname, which is not a default configuration. See the this MIT krb5 Security Advisory for more information.
Alerts:
Gentoo 200406-21 mit-krb5 2004-06-29
Debian DSA-520-1 krb5 2004-06-16
Whitebox WBSA-2004:236-01 krb5 2004-06-10
Mandrake MDKSA-2004:056-1 krb5 2004-06-09
Red Hat RHSA-2004:236-01 krb5 2004-06-09
Fedora FEDORA-2004-150 krb5 2004-06-04
Fedora FEDORA-2004-149 krb5 2004-06-04
Mandrake MDKSA-2004:056 krb5 2004-06-03
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds