2006-08-08: multiple local privilege escalation vulnerabilities

This problem applies to systems where setuid/seteuid call call fail due to resource exhaustion. One operating system that is true is Linux. The programs that this this problem applies to are ftpd and rcp. The problem only apply to rcp if it installed setuid root (not done by default).

Patch (heimdal-0.7.2-setuid-patch) for Heimdal 0.7.2 fixes this problem.

One workaround is to make sure set{e,}uid doesn't fail. Also disabling ftpd and removing the setuid bit from rcp will solve the problem.

Thanks to Tom Yu at MIT and Michael Calmer and Marcus Meissner at SUSE for tell us about the problem. Either of CVE-2006-3083 or CVE-2006-3084 describes this problems.

Valid XHTML 1.0!