diff options
| author | salo <salo@pkgsrc.org> | 2006-08-09 17:31:10 +0000 |
|---|---|---|
| committer | salo <salo@pkgsrc.org> | 2006-08-09 17:31:10 +0000 |
| commit | bb3e8f5e8d22041da1d45112f433f3ce6e225ca7 (patch) | |
| tree | d402f8e51826cf28998215f2f46fe684e6e8247a /comms | |
| parent | 67a85ba51729156556bc33265838253d69ab6e51 (diff) | |
| download | pkgsrc-bb3e8f5e8d22041da1d45112f433f3ce6e225ca7.tar.gz | |
Security fixes for SA21402:
"A security issue has been reported in Kerberos, which potentially can
be exploited by malicious, local users to perform certain actions with
escalated privileges.
The security issue is caused due to missing checks for whether the
"setuid()" call has succeeded in the bundled krshd and v4rcp
applications. This can be exploited to disclose or manipulate the
contents of arbitrary files or execute arbitrary code with root
privileges if the "setuid()" call fails due to e.g. resource limits."
http://secunia.com/advisories/21402/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3084
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt
Bump PKGREVISION.
Diffstat (limited to 'comms')
0 files changed, 0 insertions, 0 deletions