SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Kfd Vendors:   Royal Institute of Technology
Heimdal Kerberos 'kfd' Buffer Overflows May Let Remote Users Gain Root Access
SecurityTracker Alert ID:  1005228
SecurityTracker URL:  http://securitytracker.com/id/1005228
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Sep 17 2002
Impact:   Execution of arbitrary code via network, Root access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 0.4 and prior versions
Description:   Buffer overflows were reported in the Kerberos 'kf' and 'kfd' ticket forwarding utilities (part of the Heimdal Kerberos distribution). A remote user could possibly trigger a buffer overflow to execute arbitrary code and gain root access on the system.

It is reported that use of these utilities is not recommended.

To determine which version of kfd is installed, run kfd --version, as shown below:

# /usr/heimdal/libexec/kfd --version
kfd (Heimdal 0.5, KTH-KRB 1.2)
Copyright (c) 1999-2002 Kungliga Tekniska H gskolan
Send bug-reports to heimdal-bugs@pdc.kth.se

Impact:   A remote user may be able to execute arbitrary code with root privileges to gain root access on the system.
Solution:   The vendor has released a fixed version (0.5), available at:

ftp://ftp.pdc.kth.se/pub/heimdal/src
ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.5.tar.gz

Vendor URL:  www.pdc.kth.se/heimdal/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
(NetBSD Recommends Removal of the Vulnerable Programs) Heimdal Kerberos 'kfd' Buffer Overflows May Let Remote Users Gain Root Access
NetBSD has released a fix.



 Source Message Contents

Subject:  Kfd bugs


http://www.pdc.kth.se/heimdal/

The code is currently at release 0.5 and is available at
ftp://ftp.pdc.kth.se/pub/heimdal/src.


Security advisory regarding kf/kfd:

Kf and kfd are used to forward credentials in a stand-alone fashion.
Work on them never really finished, and in releases earlier than Heimdal
0.5 they had multiple security issues, including possible buffer
overruns. Their use has never been recommended.

If you are using kfd from earlier releases, we recommend that you stop
doing so until you have time to upgrade to 0.5. If you are unsure what
version you have installed, you can run kfd --version:

# /usr/heimdal/libexec/kfd --version
kfd (Heimdal 0.5, KTH-KRB 1.2)
Send bug-reports to heimdal-bugs@pdc.kth.se


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC