Vulnerability Details : CVE-2011-1526
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.
Products affected by CVE-2011-1526
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mit:krb5-appl:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:-:vmware:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1526
1.01%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1526
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2011-1526
-
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1526
-
http://www.debian.org/security/2011/dsa-2283
Debian -- Security Information -- DSA-2283-1 krb5-applThird Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062699.html
[SECURITY] Fedora 14 Update: krb5-appl-1.0.1-4.fc14Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html
[security-announce] SUSE-SU-2012:0050-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html
[security-announce] openSUSE-SU-2012:0051-1: important: krb5-appl: FixedMailing List;Third Party Advisory
-
http://securityreason.com/securityalert/8301
FTP daemon fails to set effective group ID - CXSecurity.comThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html
[security-announce] openSUSE-SU-2011:1169-1: important: krb5: fixed kdcMailing List;Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:117
mandriva.comThird Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062681.html
[SECURITY] Fedora 15 Update: krb5-appl-1.0.1-7.fc15Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html
[security-announce] SUSE-SU-2012:0010-1: important: Security update forMailing List;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2011-0920.html
SupportThird Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/68398
MIT Kerberos krb5-appl privilege escalation CVE-2011-1526 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/48101
Sign inThird Party Advisory
-
http://www.securityfocus.com/bid/48571
MIT Kerberos krb5-appl FTP Daemon EGID Remote Privilege Escalation VulnerabilityPatch;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html
[security-announce] SUSE-SU-2012:0018-1: important: Security update forMailing List;Third Party Advisory
-
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-005.txt
Patch;Vendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=711419
711419 – (CVE-2011-1526) CVE-2011-1526 krb5, krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005)Issue Tracking;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html
[security-announce] SUSE-SU-2012:0042-1: important: Security update forMailing List;Third Party Advisory
-
http://www.securityfocus.com/archive/1/518733/100/0/threaded
SecurityFocusThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html
[security-announce] openSUSE-SU-2012:0019-1: important: krb5-appl: FixedMailing List;Third Party Advisory
Jump to