From BugTraq posting: * If anonymous FTP is enabled, a remote user may gain unauthorized root access. * A user with access to a local account may gain unauthorized root access. * A remote user who can successfully authenticate to the FTP daemon may obtain unauthorized root access, regardless of whether anonymous FTP is enabled or whether access is granted to a local account. This vulnerability is believed to be somewhat difficult to exploit. This announcement and code patches related to it may be found on the MIT Kerberos security advisory page at: http://web.mit.edu/kerberos/www/advisories/index.html
*** This bug has been marked as a duplicate of 35978 ***