fix MITKRB5-SA-2006-001: multiple local privilege escalation vulnerabilities
author Tom Yu <tlyu@mit.edu>
Tue, 8 Aug 2006 19:26:40 +0000 (19:26 +0000)
committer Tom Yu <tlyu@mit.edu>
Tue, 8 Aug 2006 19:26:40 +0000 (19:26 +0000)
commit 7b141abe9aa72db8c7243d4f0a30b87e59789579
tree 75758af4fbe75e55f3ed8ded57f650014ffd6170
parent 90ce1170a03c1451c1bbe15af6ca1ead326eeb83
fix MITKRB5-SA-2006-001: multiple local privilege escalation vulnerabilities

* src/appl/gssftp/ftpd/ftpd.c (getdatasock, passive):
* src/appl/bsd/v4rcp.c (main):
* src/appl/bsd/krcp.c (main):
* src/appl/bsd/krshd.c (doit):
* src/appl/bsd/login.c (main):
* src/clients/ksu/main.c (sweep_up):
* src/lib/krb4/kuserok.c (kuserok): Check return values from
setuid() and related functions to avoid privilege escalation
vulnerabilities.  Fixes MITKRB5-SA-2006-001. [CVE-2006-3083,
VU#580124, CVE-2006-3084, VU#401660]

ticket: new
target_version: 1.5.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18420 dc483132-0cff-0310-8789-dd5450dbe970
src/appl/bsd/krcp.c
src/appl/bsd/krshd.c
src/appl/bsd/login.c
src/appl/bsd/v4rcp.c
src/appl/gssftp/ftpd/ftpd.c
src/clients/ksu/main.c
src/lib/krb4/kuserok.c
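
The pattern the commit message describes, checking the result of setuid() and related calls and refusing to continue on failure, shown as an added C example. It is not code from this commit or from krb5; `drop_privileges` and `verify_dropped` are hypothetical helper names.

```c
#define _DEFAULT_SOURCE          /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper: confirm the process really runs as uid/gid. */
static int verify_dropped(uid_t uid, gid_t gid)
{
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    /* A non-root target must not be able to get uid 0 back. */
    if (uid != 0 && setuid(0) == 0) return -1;
    return 0;
}

/* Hypothetical helper: drop to uid/gid permanently.
 * Returns 0 on success, -1 if any step failed; the caller must then
 * stop, never continue with the privileges it still holds. */
static int drop_privileges(uid_t uid, gid_t gid)
{
    /* Order matters: groups first, uid last (after setuid() the
     * process may no longer be allowed to change its groups). */
    if (geteuid() == 0 && setgroups(1, &gid) != 0) {
        perror("setgroups");
        return -1;
    }
    if (setgid(gid) != 0) {
        perror("setgid");
        return -1;
    }
    /* setuid() can fail (EPERM, or EAGAIN on some systems); an
     * unchecked failure leaves the process running as root. */
    if (setuid(uid) != 0) {
        perror("setuid");
        return -1;
    }
    return verify_dropped(uid, gid);
}

int main(void)
{
    /* Constructed demo: "drop" to the ids the process already has. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "privilege drop failed, exiting\n");
        return 1;
    }
    puts("running with verified unprivileged ids");
    return 0;
}
```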