krb5 security and bug fix update

1.6.1-70.el5 - add upstream patch for telnetd buffer overflow CVE-2011-4862, 770351 1.6.1-69.el5 - ftp: fix a static analysis should-never-happen NULL dereference 750823 1.6.1-68.el5 - backport fixes to teach libkrb5 to use descriptors higher than FDSETSIZE to talk to a KDC by using poll if it's...

krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005)

It was found that ftpd, a Kerberos-aware FTP server, did not properly drop privileges. On Red Hat Enterprise Linux 5, the ftpd daemon did not check for the potential failure of the krb5setegid function call. On systems where the set real, set effective, or set saved group ID system calls might...

krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005)

It was found that ftpd, a Kerberos-aware FTP server, did not properly drop privileges. On Red Hat Enterprise Linux 5, the ftpd daemon did not check for the potential failure of the krb5setegid function call. On systems where the set real, set effective, or set saved group ID system calls might...

Xcode OpenBase 10.0.0 (OSX) - Unsafe System Call Privilege Escalation

Xcode OpenBase 10.0.0 OSX - Unsafe System Call Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a - $b\n"; print "\n"; exit 1; $ret =...