Security
Security
An error in the rshd daemon of Heimdal could allow authenticated users to elevate privileges.
| Package | app-crypt/heimdal on all architectures |
|---|---|
| Affected versions | < 0.7.2 |
| Unaffected versions | >= 0.7.2 |
Heimdal is a free implementation of Kerberos 5.
An unspecified privilege escalation vulnerability in the rshd server of Heimdal has been reported.
Authenticated users could exploit the vulnerability to escalate privileges or to change the ownership and content of arbitrary files.
There is no known workaround at this time.
All Heimdal users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-crypt/heimdal-0.7.2"
Release date
March 17, 2006
Latest revision
March 17, 2006: 01
Severity
normal
Exploitable
remote
Bugzilla entries