Kerberos is a network authentication system which allows clients and
servers to authenticate to each other through use of symmetric encryption
and a trusted third party, the KDC.
A flaw was found where some bundled Kerberos-aware applications would fail
to check the result of the setuid() call. On Linux 2.6 kernels, the
setuid() call can fail if certain user limits are hit. A local attacker
could manipulate their environment in such a way to get the applications to
continue to run as root, potentially leading to an escalation of
privileges. (CVE-2006-3083).
Users are advised to update to these erratum packages which contain a
backported fix to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | i386 | krb5-workstation | < 1.3.4-33 | krb5-workstation-1.3.4-33.i386.rpm |
RedHat | any | i386 | krb5-server | < 1.3.4-33 | krb5-server-1.3.4-33.i386.rpm |
RedHat | any | s390x | krb5-workstation | < 1.3.4-33 | krb5-workstation-1.3.4-33.s390x.rpm |
RedHat | any | s390 | krb5-workstation | < 1.3.4-33 | krb5-workstation-1.3.4-33.s390.rpm |
RedHat | any | ia64 | krb5-devel | < 1.3.4-33 | krb5-devel-1.3.4-33.ia64.rpm |
RedHat | any | ia64 | krb5-libs | < 1.3.4-33 | krb5-libs-1.3.4-33.ia64.rpm |
RedHat | any | ia64 | krb5-workstation | < 1.3.4-33 | krb5-workstation-1.3.4-33.ia64.rpm |
RedHat | any | ppc | krb5-libs | < 1.3.4-33 | krb5-libs-1.3.4-33.ppc.rpm |
RedHat | any | ppc64 | krb5-libs | < 1.3.4-33 | krb5-libs-1.3.4-33.ppc64.rpm |
RedHat | any | ppc | krb5-server | < 1.3.4-33 | krb5-server-1.3.4-33.ppc.rpm |