FKIE_CVE-2006-0582

Vulnerability from fkie_nvd - Published: 2006-02-08 01:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.
References
cve@mitre.orghttp://secunia.com/advisories/18733Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18806Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18894Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19005Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19302Patch, Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1015591
cve@mitre.orghttp://www.debian.org/security/2006/dsa-977Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200603-14.xmlPatch, Vendor Advisory
cve@mitre.orghttp://www.osvdb.org/22986
cve@mitre.orghttp://www.pdc.kth.se/heimdal/advisory/2006-02-06/Patch
cve@mitre.orghttp://www.securityfocus.com/archive/1/426043/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/16524Patch
cve@mitre.orghttp://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html
cve@mitre.orghttp://www.ubuntu.com/usn/usn-253-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/0456Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/0628Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/24532
cve@mitre.orghttps://usn.ubuntu.com/247-1/
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18733Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18806Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18894Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19005Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19302Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015591
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-977Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200603-14.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/22986
af854a3a-2127-422b-91ae-364da2661108http://www.pdc.kth.se/heimdal/advisory/2006-02-06/Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/426043/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16524Patch
af854a3a-2127-422b-91ae-364da2661108http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-253-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0456Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0628Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24532
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/247-1/
Impacted products
Vendor Product Version
kth heimdal 0.6.1
kth heimdal 0.6.2
kth heimdal 0.6.3
kth heimdal 0.6.4
kth heimdal 0.6.5
kth heimdal 0.7.1
kth heimdal 0.7.1.1
kth heimdal 0.7.1.2
kth heimdal 0.7.1.3
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F1CE868-E352-422A-BC84-94A6781D7119",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4940AAA1-A24F-46CC-B6EA-AE501D6AADE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "603FCBB1-D450-4F34-A391-5C629294F3F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5956639B-01FC-44C7-8CA9-1A7F5805C029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "127A27A4-D022-468C-9389-7D571D4E1901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25DE2636-A566-4E90-BA21-E50B5505C79F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C375B952-22B2-4D90-A80F-FCC5C394BFA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08DF5422-8DB9-427F-BDFB-D8C667366F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kth:heimdal:0.7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "237363DB-8160-4B5D-B15E-F3D380C31251",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Heimdal  0.6.x anteriores a 0.6.6 y 0.7.x anteriores a 0.7.2 cuando se almacenan credenciales remitidos, permite a atacantes sobreescribir ficheros de su elecci\u00f3n y cambiar la propiedad de los ficheros mediante vectores desconocidos."
    }
  ],
  "id": "CVE-2006-0582",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-02-08T01:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18733"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18806"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18894"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19005"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19302"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015591"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-977"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/22986"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16524"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-253-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0456"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0628"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/247-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18806"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19302"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/22986"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16524"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-253-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0628"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/247-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.