{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-05T00:00:00", "descriptions": [{"lang": "en", "value": "ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "SUSE-SU-2012:0042", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html"}, {"name": "SUSE-SU-2012:0018", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html"}, {"name": "RHSA-2011:0920", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0920.html"}, {"name": "48101", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48101"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-005.txt"}, {"name": "openSUSE-SU-2011:1169", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html"}, {"name": "openSUSE-SU-2012:0019", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html"}, {"name": "kerberos-krb5appl-priv-esc(68398)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68398"}, {"name": "SUSE-SU-2012:0050", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html"}, {"name": "45145", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45145"}, {"name": "openSUSE-SU-2012:0051", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=711419"}, {"name": "SUSE-SU-2012:0010", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html"}, {"name": "45157", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45157"}, {"name": "8301", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8301"}, {"name": "MDVSA-2011:117", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:117"}, {"name": "FEDORA-2011-9109", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062699.html"}, {"name": "48571", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/48571"}, {"name": "73617", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/73617"}, {"name": "DSA-2283", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2283"}, {"name": "20110705 MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526]", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/518733/100/0/threaded"}, {"name": "FEDORA-2011-9080", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062681.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-1526", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "SUSE-SU-2012:0042", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html"}, {"name": "SUSE-SU-2012:0018", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html"}, {"name": "RHSA-2011:0920", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0920.html"}, {"name": "48101", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48101"}, {"name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-005.txt", "refsource": "CONFIRM", "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-005.txt"}, {"name": "openSUSE-SU-2011:1169", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html"}, {"name": "openSUSE-SU-2012:0019", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html"}, {"name": "kerberos-krb5appl-priv-esc(68398)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68398"}, {"name": "SUSE-SU-2012:0050", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html"}, {"name": "45145", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45145"}, {"name": "openSUSE-SU-2012:0051", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=711419", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=711419"}, {"name": "SUSE-SU-2012:0010", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html"}, {"name": "45157", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45157"}, {"name": "8301", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8301"}, {"name": "MDVSA-2011:117", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:117"}, {"name": "FEDORA-2011-9109", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062699.html"}, {"name": "48571", "refsource": "BID", "url": "http://www.securityfocus.com/bid/48571"}, {"name": "73617", "refsource": "OSVDB", "url": "http://www.osvdb.org/73617"}, {"name": "DSA-2283", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2011/dsa-2283"}, {"name": "20110705 MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526]", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/518733/100/0/threaded"}, {"name": "FEDORA-2011-9080", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062681.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:28:41.820Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SU-2012:0042", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html"}, {"name": "SUSE-SU-2012:0018", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html"}, {"name": "RHSA-2011:0920", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0920.html"}, {"name": "48101", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48101"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-005.txt"}, {"name": "openSUSE-SU-2011:1169", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html"}, {"name": "openSUSE-SU-2012:0019", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html"}, {"name": "kerberos-krb5appl-priv-esc(68398)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68398"}, {"name": "SUSE-SU-2012:0050", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html"}, {"name": "45145", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45145"}, {"name": "openSUSE-SU-2012:0051", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=711419"}, {"name": "SUSE-SU-2012:0010", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html"}, {"name": "45157", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45157"}, {"name": "8301", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8301"}, {"name": "MDVSA-2011:117", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:117"}, {"name": "FEDORA-2011-9109", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062699.html"}, {"name": "48571", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/48571"}, {"name": "73617", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/73617"}, {"name": "DSA-2283", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2283"}, {"name": "20110705 MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526]", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/518733/100/0/threaded"}, {"name": "FEDORA-2011-9080", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062681.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-1526", "datePublished": "2011-07-11T20:00:00", "dateReserved": "2011-03-29T00:00:00", "dateUpdated": "2024-08-06T22:28:41.820Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mit:krb5-appl:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA9C0968-7B74-414A-B1B6-B823B446845B", "versionEndExcluding": "1.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*", "matchCriteriaId": "BDE52846-24EC-4068-B788-EC7F915FFF11", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*", "matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*", "matchCriteriaId": "4339DE06-19FB-4B8E-B6AE-3495F605AD05", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*", "matchCriteriaId": "60FBDD82-691C-4D9D-B71B-F9AFF6931B53", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*", "matchCriteriaId": "22A79A35-05DB-4B9F-AD3E-EA6F933CF10C", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*", "matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*", "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:*", "matchCriteriaId": "A44C3422-0D42-473E-ABB4-279D7494EE2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:-:vmware:*:*", "matchCriteriaId": "544D7864-8F4A-4ABC-AA5E-01F73D273C63", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "matchCriteriaId": "436EF2ED-FDBB-4B64-8EC4-33C3E4253F06", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*", "matchCriteriaId": "E8C91701-DF37-4F7B-AB9A-B1BFDB4991F8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script."}, {"lang": "es", "value": "ftpd.c en el demonio GSS-API FTP en MIT Kerberos Version 5 Applications (tambi\u00e9n conocido como krb5-appl) v1.0.1 y anteriores no comprueban el valor de retorno krb5_setegid, lo que permite que usuarios autenticados de forma remota evitar las restricciones de acceso de grupo, y crear, sobreescribir, borrar, o leer ficheros, a trav\u00e9s de comandos FTP est\u00e1ndar, relacionado con test autoconfigurados olvidados en un script configurado."}], "id": "CVE-2011-1526", "lastModified": "2021-02-02T18:36:22.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-07-11T20:55:01.067", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062681.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062699.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/45145"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/45157"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/48101"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://securityreason.com/securityalert/8301"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-005.txt"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2011/dsa-2283"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:117"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.osvdb.org/73617"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0920.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/518733/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/48571"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=711419"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68398"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank MIT Kerberos project for reporting this issue. Upstream acknowledges Tim Zingelman as the original reporter.", "affected_release": [{"advisory": "RHSA-2012:0306", "cpe": "cpe:/o:redhat:enterprise_linux:5", "impact": "low", "package": "krb5-0:1.6.1-70.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-02-21T00:00:00Z"}, {"advisory": "RHSA-2011:0920", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "krb5-appl-0:1.0.1-2.el6_1.1", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-07-05T00:00:00Z"}], "bugzilla": {"description": "krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005)", "id": "711419", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=711419"}, "csaw": false, "cvss": {"cvss_base_score": "5.5", "cvss_scoring_vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "status": "verified"}, "details": ["ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.", "It was found that ftpd, a Kerberos-aware FTP server, did not properly drop privileges. On Red Hat Enterprise Linux 5, the ftpd daemon did not check for the potential failure of the krb5_setegid() function call. On systems where the set real, set effective, or set saved group ID system calls might fail, a remote FTP user could use this flaw to gain unauthorized read or write access to files that were owned by the root group."], "name": "CVE-2011-1526", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Will not fix", "impact": "low", "package_name": "krb5", "product_name": "Red Hat Enterprise Linux 4"}], "public_date": "2011-07-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-1526\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-1526"], "statement": "This issue was addressed in krb5-appl packages in Red Hat Enterprise Linux 6 via RHSA-2011:0920 and krb5 packages in Red Hat Enterprise Linux 5 via RHSA-2012:0306.\nThis issue is not planned to be addressed in Red Hat Enterprise Linux 4, where this issue was rated as having low security impact.", "threat_severity": "Important"}