CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2006-3084
https://notcve.org/view.php?id=CVE-2006-3084
The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808, it is not known whether an exploitable attack scenario exists for these issues. Los programas (1) ftpd y (2) ksu en MIT Kerberos 5 (krb5) actualizado a 1.5, y 1.4.X anterior a 1.4.4, no valida el código de retorno para las llamadas setuid, lo cual permite a un usuario local ganar privilegios provocando fallos del setuid para subir privilegios. NOTA: con en 20060808, no se conoce si existe un panorama explotable para estas ediciones. • ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2-setuid-patch.txt http://fedoranews.org/cms/node/2376 http://secunia.com/advisories/21402 http://secunia.com/advisories/21436 http://secunia.com/advisories/21439 http://secunia.com/advisories/21461 http://secunia.com/advisories/21467 http://secunia.com/advisories/21527 http://secunia.com/advisories/21613 http://secunia.com/advisories/23707 http://security.gentoo.org/glsa/glsa-200608-21.xml http://securitytracker.c • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 5%CPEs: 2EXPL: 0CVE-2004-0434
https://notcve.org/view.php?id=CVE-2004-0434
k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. k5admind (kadmind) de Heimdal permite a atacantes remotos ejecutar código arbitrario mediante una petición de administración de Kerberos 4 con longitud de marco menor de 2, lo que conduce a un desbordameinte de búfer basado en el montón. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020998.html http://marc.info/?l=bugtraq&m=108386148126457&w=2 http://security.gentoo.org/glsa/glsa-200405-23.xml http://www.debian.org/security/2004/dsa-504 https://exchange.xforce.ibmcloud.com/vulnerabilities/16071 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2002-1225
https://notcve.org/view.php?id=CVE-2002-1225
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access. • http://marc.info/?l=bugtraq&m=103341355708817&w=2 http://marc.info/?l=bugtraq&m=103462479621246&w=2 http://www.debian.org/security/2002/dsa-178 http://www.iss.net/security_center/static/10116.php http://www.securityfocus.com/bid/5729 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2002-1226
https://notcve.org/view.php?id=CVE-2002-1226
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225). • http://marc.info/?l=bugtraq&m=103341355708817&w=2 http://marc.info/?l=bugtraq&m=103462479621246&w=2 http://www.debian.org/security/2002/dsa-178 •