Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 121839 - app-crypt/heimdal: rshd privilege escalation vulnerability
Summary: app-crypt/heimdal: rshd privilege escalation vulnerability
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa] DerCorny
Depends on:
Reported: 2006-02-06 08:23 UTC by Stefan Cornelius (RETIRED)
Modified: 2006-11-11 19:54 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Cornelius (RETIRED) gentoo-dev 2006-02-06 08:23:28 UTC
The rshd server in Heimdal has a privilege escalation bug when storing forwarded credentials. The code allowes a user to overwrite a file with its credential cache, and get ownership of the file. 
 0.7.2 and 0.6.6 fixes this problem. 
 The only workaround for this bug is to disable the rshd server program.
Comment 1 Stefan Cornelius (RETIRED) gentoo-dev 2006-02-06 08:25:18 UTC
kerberos herd please bump, thank you.
Comment 2 Stefan Cornelius (RETIRED) gentoo-dev 2006-02-06 08:26:25 UTC
blah, forget to accept my own bug ...
Comment 3 Stefan Cornelius (RETIRED) gentoo-dev 2006-02-23 07:53:55 UTC
guys, any progress?
Comment 4 Martin Mokrejš 2006-03-09 09:15:06 UTC
Try the following and report back (it compiles for me fine):

cd /usr/portage/app-crypt/heimdal/
cp heimdal-0.7.1-r1.ebuild heimdal-0.7.2.ebuild
cp /usr/portage/distfiles/heimdal-0.7.1-gentoo-patches-0.1.tar.bz2
ebuild heimdal-0.7.2.ebuild digest
emerge -u heimdal && echo "<app-crypt/heimdal-0.7.2" >>
Comment 5 Emanuele Giaquinta (RETIRED) gentoo-dev 2006-03-13 16:30:33 UTC
Bumped 0.7.2. Arches please test and mark stable.
Comment 6 Markus Rothe (RETIRED) gentoo-dev 2006-03-13 17:36:06 UTC
bumped to stable on ppc64 (ebuild was somehow missing ~ppc64)
Comment 7 Mark Loeser (RETIRED) gentoo-dev 2006-03-13 22:08:58 UTC
x86 done
Comment 8 Fernando J. Pereda (RETIRED) gentoo-dev 2006-03-14 09:46:05 UTC
Alpha done
Comment 9 Luis Medinas (RETIRED) gentoo-dev 2006-03-14 15:08:24 UTC
stable on amd64
Comment 10 Jason Wever (RETIRED) gentoo-dev 2006-03-14 17:04:43 UTC
Here a SPARC, there a SPARC, everywhere a SPARC SPARC
Comment 11 Tobias Scherbaum (RETIRED) gentoo-dev 2006-03-15 22:04:27 UTC
ppc stable
Comment 12 René Nussbaumer (RETIRED) gentoo-dev 2006-03-16 11:20:22 UTC
Stable on hppa. Forgot to remove CC.
Comment 13 Stefan Cornelius (RETIRED) gentoo-dev 2006-03-17 02:12:10 UTC
ready for glsa
Comment 14 Stefan Cornelius (RETIRED) gentoo-dev 2006-03-17 10:00:15 UTC
GLSA 200603-14

Thanks everybody, other arches dont forget to stable to benefit from the GLSA ;)
Comment 15 Joshua Kinard gentoo-dev 2006-09-03 13:36:22 UTC
0.7.2-r3 was marked stable on mips, thus retro-fixing this.