MIT Kerberos 5 GSSFTP FTP Command Restriction Issue
Local Access Required, Remote / Network Access
Denial of Service
Loss of Integrity, Loss of Availability
MIT Kerberos GSSFTP contains a flaw that may allow a remote denial of service. The issue is triggered when GSSFTP fails to check user credentials while executing specific FTP commands, and will result in loss of availability for the system. If the user is already authenticated with a local account, the same flaw could be exploited to obtain administrative (root) privileges on the system.
Currently, there are no known workarounds or upgrades to correct this issue. However, MIT has released a patch to address this vulnerability.