svn rev #18421: branches/krb5-1-5/ src/appl/bsd/ src/appl/gssftp/ftpd/ src/clients/ksu/ ...

tlyu@MIT.EDU tlyu at MIT.EDU
Tue Aug 8 15:39:07 EDT 2006


Commit By: tlyu
Log Message: 
ticket: 4125
version_fixed: 1.5.1

pull up r18420 from trunk

 r18420 at cathode-dark-space:  tlyu | 2006-08-08 15:26:40 -0400
 ticket: new
 subject: fix MITKRB5-SA-2006-001: multiple local privilege escalation vulnerabilities
 target_version: 1.5.1
 tags: pullup
 
 	* src/appl/gssftp/ftpd/ftpd.c (getdatasock, passive):
 	* src/appl/bsd/v4rcp.c (main):
 	* src/appl/bsd/krcp.c (main):
 	* src/appl/bsd/krshd.c (doit):
 	* src/appl/bsd/login.c (main): 
 	* src/clients/ksu/main.c (sweep_up):
 	* src/lib/krb4/kuserok.c (kuserok): Check return values from
 	setuid() and related functions to avoid privilege escalation
 	vulnerabilities.  Fixes MITKRB5-SA-2006-001. [CVE-2006-3083,
 	VU#580124, CVE-2006-3084, VU#401660]
 




Changed Files:
_U  branches/krb5-1-5/
U   branches/krb5-1-5/src/appl/bsd/krcp.c
U   branches/krb5-1-5/src/appl/bsd/krshd.c
U   branches/krb5-1-5/src/appl/bsd/login.c
U   branches/krb5-1-5/src/appl/bsd/v4rcp.c
U   branches/krb5-1-5/src/appl/gssftp/ftpd/ftpd.c
U   branches/krb5-1-5/src/clients/ksu/main.c
U   branches/krb5-1-5/src/lib/krb4/kuserok.c



More information about the cvs-krb5 mailing list