6 matches found
CVE-2002-0754
Affected software: Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier. Vulnerability: k5su relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. Impact: potential privilege e...
CVE-2002-0755
The CVE concerns Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier, where the process does not verify wheel-group membership before granting superuser privileges. This could allow an unauthorized user to execute commands as root. Affected component is the k5su integration in FreeBSD’s Kerberos setu...
Security Advisory FreeBSD-SA-02:24.k5su
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:24.k5su Security Advisory The FreeBSD Project Topic: k5su utility does not honor wheel' group Category: kerberos5 Module: kerberos5/usr.bin/k5su Announced: 2002-05-20...
FreeBSD k5su problems
Wheel group membership is not checked for k5su...
FreeBSD-SA-02:24.k5su
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:24.k5su Security Advisory The FreeBSD Project Topic: k5su utility does not honor wheel' group Category: kerberos5 Module: kerberos5/usr.bin/k5su Announced: 2002-05-20...
FreeBSD-SA-02:07.k5su
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:07 Security Advisory FreeBSD, Inc. Topic: Kerberos 5 su command uses getlogin for authorization Category: krb5, ports Module: crypto/heimdal/appl/su, heimdal Announced:...