summaryrefslogtreecommitdiff
path: root/net/ncftp3
diff options
context:
space:
mode:
authorsalo <salo@pkgsrc.org>2006-08-09 17:31:10 +0000
committersalo <salo@pkgsrc.org>2006-08-09 17:31:10 +0000
commitbb3e8f5e8d22041da1d45112f433f3ce6e225ca7 (patch)
treed402f8e51826cf28998215f2f46fe684e6e8247a /net/ncftp3
parent67a85ba51729156556bc33265838253d69ab6e51 (diff)
downloadpkgsrc-bb3e8f5e8d22041da1d45112f433f3ce6e225ca7.tar.gz
Security fixes for SA21402:
"A security issue has been reported in Kerberos, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to missing checks for whether the "setuid()" call has succeeded in the bundled krshd and v4rcp applications. This can be exploited to disclose or manipulate the contents of arbitrary files or execute arbitrary code with root privileges if the "setuid()" call fails due to e.g. resource limits." http://secunia.com/advisories/21402/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3084 http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt Bump PKGREVISION.
Diffstat (limited to 'net/ncftp3')
0 files changed, 0 insertions, 0 deletions