CVE-2011-1526

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.

References

http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062681.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062699.html

http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html

http://secunia.com/advisories/45145

http://secunia.com/advisories/45157

http://secunia.com/advisories/48101

http://securityreason.com/securityalert/8301

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-005.txt

http://www.debian.org/security/2011/dsa-2283

http://www.mandriva.com/security/advisories?name=MDVSA-2011:117

http://www.osvdb.org/73617

http://www.redhat.com/support/errata/RHSA-2011-0920.html

http://www.securityfocus.com/archive/1/518733/100/0/threaded

http://www.securityfocus.com/bid/48571

https://bugzilla.redhat.com/show_bug.cgi?id=711419

https://exchange.xforce.ibmcloud.com/vulnerabilities/68398

Details

Source: MITRE

Published: 2011-07-11

Updated: 2021-02-02

Type: CWE-269

Risk Information

CVSS v2

Base Score: 6.5

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8

Severity: MEDIUM

Tenable Plugins

View all (18 total)

IDNameProductFamilySeverity
79283RHEL 5 : rhev-hypervisor5 (RHSA-2012:0168)NessusRed Hat Local Security Checks
high
75886openSUSE Security Update : krb5-appl (openSUSE-SU-2012:0019-1)NessusSuSE Local Security Checks
critical
75885openSUSE Security Update : krb5 (openSUSE-SU-2011:1169-1)NessusSuSE Local Security Checks
high
75564openSUSE Security Update : krb5-appl (openSUSE-SU-2012:0019-1)NessusSuSE Local Security Checks
critical
75563openSUSE Security Update : krb5 (openSUSE-SU-2011:1169-1)NessusSuSE Local Security Checks
high
68477Oracle Linux 5 : krb5 (ELSA-2012-0306)NessusOracle Linux Local Security Checks
medium
68302Oracle Linux 6 : krb5-appl (ELSA-2011-0920)NessusOracle Linux Local Security Checks
medium
61266Scientific Linux Security Update : krb5 on SL5.x i386/x86_64 (20120221)NessusScientific Linux Local Security Checks
medium
61079Scientific Linux Security Update : krb5-appl on SL6.x i386/x86_64NessusScientific Linux Local Security Checks
medium
58060RHEL 5 : krb5 (RHSA-2012:0306)NessusRed Hat Local Security Checks
medium
57656GLSA-201201-14 : MIT Kerberos 5 Applications: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
57431SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 7899)NessusSuSE Local Security Checks
critical
57430SuSE 11.1 Security Update : Kerberos 5 (SAT Patch Number 5594)NessusSuSE Local Security Checks
critical
55673Debian DSA-2283-1 : krb5-appl - programming errorNessusDebian Local Security Checks
medium
55665Mandriva Linux Security Advisory : krb5-appl (MDVSA-2011:117)NessusMandriva Local Security Checks
medium
55596Fedora 14 : krb5-appl-1.0.1-4.fc14 (2011-9109)NessusFedora Local Security Checks
medium
55595Fedora 15 : krb5-appl-1.0.1-7.fc15 (2011-9080)NessusFedora Local Security Checks
medium
55520RHEL 6 : krb5-appl (RHSA-2011:0920)NessusRed Hat Local Security Checks
medium