CVE-2011-1526 - OpenCVE

ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Suse	Linux Enterprise Software Development Kit Linux Enterprise Desktop Linux Enterprise Server
Mit	Krb5-appl
Fedoraproject	Fedora
Debian	Debian Linux
Opensuse	Opensuse

Configuration 1 [-]

cpe:2.3:a:mit:krb5-appl:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:5.0:::::::*
	cpe:2.3:o:debian:debian_linux:6.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:fedoraproject:fedora:14:::::::*
	cpe:2.3:o:fedoraproject:fedora:15:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:opensuse:opensuse:11.3:::::::*
	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:::-:::*
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_server:10:sp2::::::
	cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::ltss:::*
	cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::-:::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp1::::-::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::-:vmware::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1::::::

References

Link	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062681.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062699.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html	Mailing List Third Party Advisory
http://secunia.com/advisories/45145	Third Party Advisory
http://secunia.com/advisories/45157	Third Party Advisory
http://secunia.com/advisories/48101	Third Party Advisory
http://securityreason.com/securityalert/8301	Third Party Advisory
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-005.txt	Patch Vendor Advisory
http://www.debian.org/security/2011/dsa-2283	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:117	Third Party Advisory
http://www.osvdb.org/73617	Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0920.html	Third Party Advisory
http://www.securityfocus.com/archive/1/518733/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/48571	Patch Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=711419	Issue Tracking Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/68398	Third Party Advisory VDB Entry