blob: 5b4b9ae371033e31bb77dc4759276dd4b1e9a3b7 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200603-14">
<title>Heimdal: rshd privilege escalation</title>
An error in the rshd daemon of Heimdal could allow authenticated users to
elevate privileges.
<product type="ebuild">heimdal</product>
<announced>March 17, 2006</announced>
<revised>March 17, 2006: 01</revised>
<package name="app-crypt/heimdal" auto="yes" arch="*">
<unaffected range="ge">0.7.2</unaffected>
<vulnerable range="lt">0.7.2</vulnerable>
Heimdal is a free implementation of Kerberos 5.
An unspecified privilege escalation vulnerability in the rshd
server of Heimdal has been reported.
<impact type="normal">
Authenticated users could exploit the vulnerability to escalate
privileges or to change the ownership and content of arbitrary files.
There is no known workaround at this time.
All Heimdal users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=app-crypt/heimdal-0.7.2&quot;</code>
<uri link="">CVE-2006-0582</uri>
<uri link="">Heimdal Advisory 2006-02-06</uri>
<metadata tag="requester" timestamp="Tue, 14 Mar 2006 18:02:33 +0000">
<metadata tag="submitter" timestamp="Thu, 16 Mar 2006 09:34:15 +0000">
<metadata tag="bugReady" timestamp="Fri, 17 Mar 2006 10:14:03 +0000">