Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Heimdal | Kth | 0.6.1 (including) | 0.6.1 (including) |
| Heimdal | Kth | 0.6.2 (including) | 0.6.2 (including) |
| Heimdal | Kth | 0.6.3 (including) | 0.6.3 (including) |
| Heimdal | Kth | 0.6.4 (including) | 0.6.4 (including) |
| Heimdal | Kth | 0.6.5 (including) | 0.6.5 (including) |
| Heimdal | Kth | 0.7.1 (including) | 0.7.1 (including) |
| Heimdal | Kth | 0.7.1.1 (including) | 0.7.1.1 (including) |
| Heimdal | Kth | 0.7.1.2 (including) | 0.7.1.2 (including) |
| Heimdal | Kth | 0.7.1.3 (including) | 0.7.1.3 (including) |
| Heimdal | Ubuntu | dapper | * |
| Heimdal | Ubuntu | devel | * |
| Heimdal | Ubuntu | edgy | * |
| Heimdal | Ubuntu | feisty | * |
References
- http://secunia.com/advisories/18733
- http://secunia.com/advisories/18806
- http://secunia.com/advisories/18894
- http://secunia.com/advisories/19005
- http://secunia.com/advisories/19302
- http://securitytracker.com/id?1015591
- http://www.debian.org/security/2006/dsa-977
- http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml
- http://www.osvdb.org/22986
- http://www.pdc.kth.se/heimdal/advisory/2006-02-06/
- http://www.securityfocus.com/archive/1/426043/100/0/threaded
- http://www.securityfocus.com/bid/16524
- http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html
- http://www.ubuntu.com/usn/usn-253-1
- http://www.vupen.com/english/advisories/2006/0456
- http://www.vupen.com/english/advisories/2006/0628
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24532
- https://usn.ubuntu.com/247-1/
- http://secunia.com/advisories/18733
- http://secunia.com/advisories/18806
- http://secunia.com/advisories/18894
- http://secunia.com/advisories/19005
- http://secunia.com/advisories/19302
- http://securitytracker.com/id?1015591
- http://www.debian.org/security/2006/dsa-977
- http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml
- http://www.osvdb.org/22986
- http://www.pdc.kth.se/heimdal/advisory/2006-02-06/
- http://www.securityfocus.com/archive/1/426043/100/0/threaded
- http://www.securityfocus.com/bid/16524
- http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html
- http://www.ubuntu.com/usn/usn-253-1
- http://www.vupen.com/english/advisories/2006/0456
- http://www.vupen.com/english/advisories/2006/0628
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24532
- https://usn.ubuntu.com/247-1/