OSV:DSA-1146-1
Aug 09, 2006 - 12:00 a.m.

krb5 - programming error

Google
osv.dev

In certain application programs packaged in the MIT Kerberos 5 source
distribution, calls to setuid() and seteuid() are not always checked
for success and may fail with some PAM configurations. A local
user could exploit one of these vulnerabilities to escalate
privileges. No exploit code is known to exist at this time.

For the stable distribution (sarge) these problems have been fixed in
version 1.3.6-2sarge3.

For the unstable distribution (sid) these problems have been fixed in
version 1.4.3-9.

We recommend that you upgrade your krb5 packages.
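
The failure mode described above, shown as an added example (not code from krb5 or from this advisory): a privilege-drop helper in C that checks the return values of setgid() and setuid() and then confirms the resulting IDs. The name drop_checked and the demo in main() are assumptions made for illustration; supplementary groups are left out to keep the focus on the return-value check.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Pattern the advisory describes: a bare "setuid(uid);" whose return value
 * is ignored. If the call fails, the program carries on with the privileges
 * it started with and then runs code on behalf of the user.
 *
 * Hardened form (hypothetical helper): returns 0 only if the process now
 * runs as uid/gid and cannot get uid 0 back. On -1 the caller must stop
 * instead of continuing with its original privileges. */
int drop_checked(uid_t uid, gid_t gid)
{
    /* Group first: after setuid() the process may no longer be allowed to. */
    if (setgid(gid) != 0) { perror("setgid"); return -1; }
    if (setuid(uid) != 0) { perror("setuid"); return -1; }

    /* Do not rely on the return value alone; confirm the resulting IDs. */
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;

    /* A non-root target must not be able to regain root. */
    if (uid != 0 && setuid(0) == 0) return -1;
    return 0;
}

int main(void)
{
    /* Constructed demo: "drop" to the IDs the process already has (always
     * permitted), then request a different uid, which an unprivileged
     * process is refused. */
    uid_t me = getuid();
    printf("same ids:  %d\n", drop_checked(me, getgid()));
    if (me != 0)
        printf("other uid: %d\n", drop_checked(me + 1, getgid()));
    return 0;
}
```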