oss-security - CVE request: OpenSSH ~/.k5users patch (Fedora and downstreams)

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Message-ID: <547DD30E.5050200@redhat.com>
Date: Tue, 02 Dec 2014 15:56:14 +0100
From: Florian Weimer <fweimer@...hat.com>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Subject: CVE request: OpenSSH ~/.k5users patch (Fedora and downstreams)

In a Kerberos environment, the Fedora and Red Hat Enterprise Linux 7 
version of the OpenSSH server allows remote, authenticated users to log 
in as another user if they are listed in a ~/.k5users file of that other 
user.  This unexpectedly alters the system security policy, as expressed 
through the ~/.k5users file, because previously, users would have to log 
in locally, potentially requiring different forms of authentication, 
before they could use the ksu command to switch users.

Red Hat Bugzilla:

   <https://bugzilla.redhat.com/show_bug.cgi?id=1169843>

Patch in upstream bug tracker:

   <https://bugzilla.mindrot.org/show_bug.cgi?id=1867>

-- 
Florian Weimer / Red Hat Product Security

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.