6 matches found
CVE-2002-0754
Affected software: Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier. Vulnerability: k5su relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. Impact: potential privilege e...
CVE-2002-0755
The CVE concerns Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier, where the process does not verify wheel-group membership before granting superuser privileges. This could allow an unauthorized user to execute commands as root. Affected component is the k5su integration in FreeBSD’s Kerberos setu...
FreeBSD k5su problems
Wheel group membership is not checked for k5su...
Security Advisory FreeBSD-SA-02:24.k5su
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:24.k5su Security Advisory The FreeBSD Project Topic: k5su utility does not honor wheel' group Category: kerberos5 Module: kerberos5/usr.bin/k5su Announced: 2002-05-20...
FreeBSD-SA-02:24.k5su
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:24.k5su Security Advisory The FreeBSD Project Topic: k5su utility does not honor wheel' group Category: kerberos5 Module: kerberos5/usr.bin/k5su Announced: 2002-05-20...
FreeBSD-SA-02:07.k5su
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:07 Security Advisory FreeBSD, Inc. Topic: Kerberos 5 su command uses getlogin for authorization Category: krb5, ports Module: crypto/heimdal/appl/su, heimdal Announced:...