Vulnerability CVE-2006-0582 - CERT Civis.Net

Vulnerability Name:

CVE-2006-0582 (CCN-24532)

Assigned:

2006-02-06

Published:

2006-02-06

Updated:

2018-10-19

Summary:

Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.

CVSS v3 Severity:

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2006-0582

Source: CCN
Type: SA18733
Heimdal rshd Privilege Escalation and Telnet Denial of Service

Source: SECUNIA
Type: Patch, Vendor Advisory
18733

Source: SECUNIA
Type: Patch, Vendor Advisory
18806

Source: SECUNIA
Type: Patch, Vendor Advisory
18894

Source: SECUNIA
Type: Patch, Vendor Advisory
19005

Source: SECUNIA
Type: Patch, Vendor Advisory
19302

Source: CCN
Type: SECTRACK ID: 1015591
Heimdal RSHD Credential Cache Bug Lets Local Users Gain Elevated Privileges

Source: SECTRACK
Type: UNKNOWN
1015591

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-977

Source: DEBIAN
Type: DSA-977
heimdal -- several vulnerabilities

Source: CCN
Type: GLSA-200603-14
Heimdal: rshd privilege escalation

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200603-14

Source: OSVDB
Type: UNKNOWN
22986

Source: CCN
Type: OSVDB ID: 22986
Heimdal rshd Server Forwarded Credential Overwrite Privilege Escalation

Source: CCN
Type: Heimdal Advisory 2006-02-06
rshd privilege escalation vulnerability

Source: CONFIRM
Type: Patch
http://www.pdc.kth.se/heimdal/advisory/2006-02-06/

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:011

Source: BID
Type: Patch
16524

Source: CCN
Type: BID-16524
Heimdal RSHD Local Privilege Escalation Vulnerability

Source: MLIST
Type: UNKNOWN
[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6

Source: CCN
Type: USN-247-1
heimdal vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-253-1

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0456

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0628

Source: XF
Type: UNKNOWN
heimdal-rshd-privilege-elevation(24532)

Source: XF
Type: UNKNOWN
heimdal-rshd-privilege-elevation(24532)

Source: UBUNTU
Type: UNKNOWN
USN-247-1

Source: SUSE
Type: SUSE-SA:2006:011
heimdal remote denial of service

Vulnerable Configuration:

Configuration 1:

cpe:/a:kth:heimdal:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:kth:heimdal:0.6.2:*:*:*:*:*:*:*

OR cpe:/a:kth:heimdal:0.6.3:*:*:*:*:*:*:*

OR cpe:/a:kth:heimdal:0.6.4:*:*:*:*:*:*:*

OR cpe:/a:kth:heimdal:0.6.5:*:*:*:*:*:*:*

OR cpe:/a:kth:heimdal:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:kth:heimdal:0.7.1.1:*:*:*:*:*:*:*

OR cpe:/a:kth:heimdal:0.7.1.2:*:*:*:*:*:*:*

OR cpe:/a:kth:heimdal:0.7.1.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20060582	V	CVE-2006-0582	2015-11-16
oval:org.debian:def:977	V	several vulnerabilities	2006-02-16