VYPR
Unrated severityNVD Advisory· Published Jul 11, 2011· Updated Jun 16, 2026

CVE-2011-1526

CVE-2011-1526

Description

ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • Mit/Krb5 Appl2 versions
    cpe:2.3:a:mit:krb5-appl:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mit:krb5-appl:*:*:*:*:*:*:*:*range: <1.0.1
    • (no CPE)range: <=1.0.1
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*+ 1 more
    • cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:-:vmware:*:*
  • cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

22

News mentions

0

No linked articles in our index yet.