CVE-2011-1526
It was found that ftpd, a Kerberos-aware FTP server, did not properly drop privileges. On Red Hat Enterprise Linux 5, the ftpd daemon did not check for the potential failure of the krb5_setegid() function call. On systems where the set real, set effective, or set saved group ID system calls might fail, a remote FTP user could use this flaw to gain unauthorized read or write access to files that were owned by the root group.
Find out more about CVE-2011-1526 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
This issue was addressed in krb5-appl packages in Red Hat Enterprise Linux 6 via RHSA-2011:0920 and krb5 packages in Red Hat Enterprise Linux 5 via RHSA-2012:0306.
This issue is not planned to be addressed in Red Hat Enterprise Linux 4, where this issue was rated as having low security impact.
CVSS v2 metrics
| Base Score | 5.5 |
|---|---|
| Base Metrics | AV:N/AC:L/Au:S/C:P/I:P/A:N |
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | Single |
| Confidentiality Impact | Partial |
| Integrity Impact | Partial |
| Availability Impact | None |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 6 (krb5-appl) | RHSA-2011:0920 | 2011-07-05 |
| Red Hat Enterprise Linux 5 (krb5) | RHSA-2012:0306 | 2012-02-21 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 4 | krb5 | Will not fix |