Security update for Novell Kerberos KDC

  • 3277932
  • 30-Aug-2006
  • 16-May-2013


Novell Kerberos KDC


In the ksu application program packaged in the Novell Kerberos KDC distribution, calls to setuid() and seteuid() were not always checked for success. It is believed that the primary risk is to Linux systems, due to the behavior of their implementation of the setuid() and seteuid() system calls. A local user could potentially exploit one of these vulnerabilities to escalate privileges. No exploit code is known to exist at this time.
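The defensive pattern for the unchecked calls described above, as an added example that is not code from ksu or from Novell: every setuid(), seteuid() and setgid() return value is checked, and the resulting IDs are read back before the program continues. The function names drop_privileges and set_effective_uid are hypothetical, and supplementary groups are left out of scope.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Switch only the effective UID. Returns 0 on success, -1 on failure. */
int set_effective_uid(uid_t uid)
{
    if (seteuid(uid) != 0) {
        fprintf(stderr, "seteuid(%lu): %s\n", (unsigned long)uid, strerror(errno));
        return -1;
    }
    /* Confirm the kernel state instead of trusting the return value alone. */
    return geteuid() == uid ? 0 : -1;
}

/* Permanently switch to uid/gid. Returns 0 on success, -1 on failure.
 * On -1 the caller must stop: the process may still hold its old IDs. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Group first: after leaving root, setgid() to another group is refused. */
    if (setgid(gid) != 0) {
        fprintf(stderr, "setgid(%lu): %s\n", (unsigned long)gid, strerror(errno));
        return -1;
    }
    /* setuid() can fail (EAGAIN, EPERM, EINVAL); if the failure is ignored,
     * the code that follows keeps running with the original privileges. */
    if (setuid(uid) != 0) {
        fprintf(stderr, "setuid(%lu): %s\n", (unsigned long)uid, strerror(errno));
        return -1;
    }
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    /* A permanent drop to a non-root user must not be reversible. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    return 0;
}

int main(void)
{
    /* Set-uid program pattern: fall back to the invoking user's real IDs. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fputs("refusing to continue with unchanged privileges\n", stderr);
        return 1;
    }
    printf("uid=%lu euid=%lu\n", (unsigned long)getuid(), (unsigned long)geteuid());
    return 0;
}
```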


Install version 1.0.1 of the Novell Kerberos KDC, which contains a new ksu utility without the vulnerability. The new release is available at the Novell download site.


Security Alert

Additional Information

CVE: CVE-2006-3083

CVE: CVE-2006-3084