Computer Security
[EN] securityvulns.ru
no-pyccku

  

sudo with Kerberos authentication privilege escalation
Published:11.06.2007
Source:BUGTRAQ
SecurityVulns ID:7791
Type:local
Level:5/10
Description:sudo fails to check granted tickets match to requested service, making it possible to use faked Kerberos server.
Affected:SUDO : sudo 1.6
Original documentdocumentThor Lancelot , MIT krb5: makes sudo authentication issue MUCH worse. (11.06.2007)
 documentThor Lancelot , Sudo: local root compromise with krb5 enabled (11.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru