|
|
Info |
Last Modified |
| 5 months ago |
|
|
|
|
Description |
MIT Kerberos GSSFTP contains a flaw that may allow a remote denial of service. The issue is triggered when GSSFTP fails to check user credentials while executing specific FTP commands, and will result in loss of availability for the system. If the user is allready authenticated with a local account, the same flaw could be exploited in order to obtain administrative (root) privileges on the system.
|
|
Classification |
Location:
Local Access Required,
Remote/Network Access Required
Attack Type:
Denial of Service
Impact:
Loss of Integrity,
Loss of Availability
Exploit:
Exploit Unknown
|
|
Solution |
Currently, there are no known workarounds or upgrades to correct this issue. However, MIT has released a patch to address this vulnerability.
|
|
Products |
|
Kerberos 5
 |
5.0 -1.1.1 |
5.0 -1.1 |
5.0 -1.2beta1 |
5.0 -1.2beta2 |
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|