CVE-2011-1526

DEB

MediumConfirmedExploit available

ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid r…

CVSS

5.5

Medium

EPSS

0.00

p55

Published

2011-01-01

Updated

2011-01-01

Description

ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.

Tags · CWE

CWE-269

CAPEC-58

CAPEC-122

CAPEC-233

Affected products

Debian_linux

CVSS vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Timeline

2011-01-01

Published

2011-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Authentication

Au: S

Single

Confidentiality Impact

C: P

Partial

Integrity Impact

I: P

Partial

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.003 · p55

Known exploited (KEV)

MITRE ATT&CK

Inferred via CAPEC

T1548Abuse Elevation Control Mechanism

└ via CAPEC-122 · CWE-269

Known exploits — Сканер-ВС

33855

exploitdb · https://www.exploit-db.com/exploits/33855

Enterprise

35606

exploitdb · https://www.exploit-db.com/exploits/35606

Enterprise

Affected software

Product	Vendor	Status
krb5		Tracked
krb5		Tracked
krb5		Tracked
krb5		Tracked
krb5		Tracked
krb5		Tracked
krb5		Tracked
krb5		Tracked
krb5		Tracked
krb5-appl		Tracked
krb5-appl		Tracked
debian_linux	*	Tracked
fedora	*	Tracked
krb5-appl	*	Tracked
linux_enterprise_desktop	*	Tracked
linux_enterprise_server	*	Tracked
linux_enterprise_software_development_kit	*	Tracked
opensuse	*	Tracked

Source databases

DEB

CVE

RED

UBU

Related vulnerabilities

BDU:2015-05365 BDU:2015-05366 BDU:2015-05367 BDU:2015-05368 BDU:2015-05369 BDU:2015-05370 BDU:2015-05371 BDU:2015-05372