Info

Disclosure

May 20, 2002

Discovery

Unknown

Dates

Exploit

May 20, 2002

Solution

Unknown

Description

The k5su utility contains a flaw that may allow a local user to gain access to unauthorized privileges. The issue is triggered when a local user who does not have 'wheel' group membership executes k5su and enters the root password. This flaw results in complete control of the host by the attacker.

Classification

Location: Local Access Required
Attack Type: Authentication Management
Impact: Loss of Confidentiality, Loss of Integrity, Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to disable k5su by removing the suid bit. The suid for k5su is removed by default in subsequent releases as well as in the STABLE branch after 2002-05-15.

Products

FreeBSD Project	Kerberos 5	4.4-RELEASE
		4.5-RELEASE
		STABLE (RELENG_4*)

References

CVE ID: 2002-0755 (see also: NVD)
Bugtraq ID: 4777
Related OSVDB ID: 4892
ISS X-Force ID: 9125
Vendor Specific Advisory URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc
Vendor URL: http://freebsd.org

Credit

- papipsychohotmail.com -

Direct URL: http://osvdb.org/4893

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

FreeBSD Project

Kerberos 5

References

Credit