diff -u -r heimdal-0.7.2/appl/dceutils/ChangeLog heimdal-0.7.2-setuid/appl/dceutils/ChangeLog
--- heimdal-0.7.2/appl/dceutils/ChangeLog	2005-04-06 13:23:17.000000000 +0200
+++ heimdal-0.7.2-setuid/appl/dceutils/ChangeLog	2006-08-31 14:49:15.000000000 +0200
@@ -1,5 +1,9 @@
-2005-04-06  Love Hrnquist strand  <lha@it.su.se>
+2006-08-08  Love Hrnquist strand  <lha@it.su.se>
 
+	* k5dcecon.c: Check for seteuid failure, prompted by MIT advisory.
+	
+2005-04-06  Love Hrnquist strand  <lha@it.su.se>
+	
 	* testpag.c: use NULL as last argument to execl, not 0
 
 2002-08-12  Johan Danielsson  <joda@pdc.kth.se>
diff -u -r heimdal-0.7.2/appl/dceutils/k5dcecon.c heimdal-0.7.2-setuid/appl/dceutils/k5dcecon.c
--- heimdal-0.7.2/appl/dceutils/k5dcecon.c	2002-08-09 15:19:41.000000000 +0200
+++ heimdal-0.7.2-setuid/appl/dceutils/k5dcecon.c	2006-08-31 14:49:15.000000000 +0200
@@ -71,7 +71,7 @@
 #endif
 
 #ifdef __hpux
-#define seteuid(A)		setresuid(-1,A,-1);
+#define seteuid(A)		setresuid(-1,A,-1)
 #endif
 
 
@@ -549,7 +549,8 @@
 	 */
 
 	if (uid == 0) {
-		seteuid(luid);
+		if (seteuid(luid) < 0)
+			goto abort;
 	}  
 
 	cp = strchr(pname,'@');
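Review bot: The new `goto abort` on a failed `seteuid(luid)` carries no comment or diagnostic at this site, and the `abort` label lies outside the hunk, so it is not visible here whether that path reports the reason. A short why-comment would keep the check from being removed as dead code later, for example `/* never continue as root if the drop to luid fails */` above the `if`. If the abort path does not already log, a message naming the failed seteuid would help operators tell this apart from other aborts.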
diff -u -r heimdal-0.7.2/appl/ftp/ChangeLog heimdal-0.7.2-setuid/appl/ftp/ChangeLog
--- heimdal-0.7.2/appl/ftp/ChangeLog	2005-05-29 23:42:45.000000000 +0200
+++ heimdal-0.7.2-setuid/appl/ftp/ChangeLog	2006-08-31 14:49:15.000000000 +0200
@@ -1,3 +1,9 @@
+2006-08-08  Love Hrnquist strand  <lha@it.su.se>
+
+	* rcp.c: Check return values from seteuid, prompted by MIT
+	advisory.  Thanks to Tom Yu at MIT, and Michael Calmer and Marcus
+	Meissner at SUSE.  Either of CVE-2006-3083 or CVE-2006-3084.
+	
 2005-05-29  Love Hrnquist strand  <lha@it.su.se>
 
 	* ftpd/ftpd.c: avoid 'unused variable' warnings
diff -u -r heimdal-0.7.2/appl/ftp/ftpd/ftpd.c heimdal-0.7.2-setuid/appl/ftp/ftpd/ftpd.c
--- heimdal-0.7.2/appl/ftp/ftpd/ftpd.c	2005-06-02 12:41:28.000000000 +0200
+++ heimdal-0.7.2-setuid/appl/ftp/ftpd/ftpd.c	2006-08-31 14:49:15.000000000 +0200
@@ -138,9 +138,9 @@
 static int	 checkuser (char *, char *);
 static int	 checkaccess (char *);
 static FILE	*dataconn (const char *, off_t, const char *);
-static void	 dolog (struct sockaddr *sa, int len);
+static void	 dolog (struct sockaddr *, int);
 static void	 end_login (void);
-static FILE	*getdatasock (const char *);
+static FILE	*getdatasock (const char *, int);
 static char	*gunique (char *);
 static RETSIGTYPE	 lostconn (int);
 static int	 receive_data (FILE *, FILE *);
@@ -835,7 +835,8 @@
 end_login(void)
 {
 
-	seteuid((uid_t)0);
+	if (seteuid((uid_t)0) < 0)
+		fatal("Failed to seteuid");
 	if (logged_in)
 		ftpd_logwtmp(ttyline, "", "");
 	pw = NULL;
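Review bot: Every checked call in this file reports the same string, `fatal("Failed to seteuid")`, whether the process was regaining root (here in end_login, in getdatasock, and before the two bind() calls) or dropping back to `pw->pw_uid` (getdatasock and both pasv hunks). The two directions have different security meaning, since a failed drop would leave the session running as root, so the message should say which one failed, for example `fatal("Failed to seteuid to root")` and `fatal("Failed to seteuid to user")`. That lets a log reader distinguish a resource or policy failure on the drop from a failure to regain privilege. The body of end_login continues outside this hunk.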
@@ -1208,14 +1209,15 @@
 }
 
 static FILE *
-getdatasock(const char *mode)
+getdatasock(const char *mode, int domain)
 {
 	int s, t, tries;
 
 	if (data >= 0)
 		return (fdopen(data, mode));
-	seteuid(0);
-	s = socket(ctrl_addr->sa_family, SOCK_STREAM, 0);
+	if (seteuid(0) < 0)
+		fatal("Failed to seteuid");
+	s = socket(domain, SOCK_STREAM, 0);
 	if (s < 0)
 		goto bad;
 	socket_set_reuseaddr (s, 1);
@@ -1232,7 +1234,8 @@
 			goto bad;
 		sleep(tries);
 	}
-	seteuid(pw->pw_uid);
+	if (seteuid(pw->pw_uid) < 0)
+		fatal("Failed to seteuid");
 #ifdef IPTOS_THROUGHPUT
 	socket_set_tos (s, IPTOS_THROUGHPUT);
 #endif
@@ -1240,7 +1243,8 @@
 bad:
 	/* Return the real value of errno (close may change it) */
 	t = errno;
-	seteuid((uid_t)pw->pw_uid);
+	if (seteuid((uid_t)pw->pw_uid) < 0)
+		fatal("Failed to seteuid");
 	close(s);
 	errno = t;
 	return (NULL);
@@ -1271,7 +1275,7 @@
 {
 	char sizebuf[32];
 	FILE *file;
-	int retry = 0;
+	int domain, retry = 0;
 
 	file_size = size;
 	byte_count = 0;
@@ -1318,7 +1322,15 @@
 	if (usedefault)
 		data_dest = his_addr;
 	usedefault = 1;
-	file = getdatasock(mode);
+	/* 
+	 * Default to using the same socket type as the ctrl address,
+	 * unless we know the type of the data address.
+	 */
+	domain = data_dest->sa_family;
+	if (domain == PF_UNSPEC)
+	    domain = ctrl_addr->sa_family;
+
+	file = getdatasock(mode, domain);
 	if (file == NULL) {
 		char data_addr[256];
 
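Review bot: The new test `if (domain == PF_UNSPEC)` compares an `sa_family` value against a protocol-family constant; `AF_UNSPEC` is the matching constant for address-family fields, so `if (domain == AF_UNSPEC)` reads correctly even where the two are numerically equal. The fallback line is also indented with spaces while the rest of the function uses tabs. This domain selection is a behaviour change unrelated to the seteuid checks and is not mentioned in the ChangeLog entry, so it deserves its own entry. The enclosing function starts and ends outside the hunk.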
@@ -1889,11 +1901,11 @@
     transflag = 0;
     urgflag = 0;
     if (logged_in) {
-	seteuid((uid_t)0);
-	ftpd_logwtmp(ttyline, "", "");
 #ifdef KRB4
 	cond_kdestroy();
 #endif
+	seteuid((uid_t)0); /* No need to check, we call exit() below */
+	ftpd_logwtmp(ttyline, "", "");
     }
     /* beware of flushing buffers after a SIGPIPE */
 #ifdef XXX
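Review bot: The comment on the unchecked `seteuid((uid_t)0)` justifies ignoring the result only by the later exit, but `ftpd_logwtmp()` still runs on the next line with whatever effective uid results, so a failure here would presumably drop the logout record without any trace. The reordering that moves `cond_kdestroy()` ahead of the seteuid is also undocumented. I would expand the comment to something like `/* destroy tickets with the user's euid, then regain root for wtmp; a failure only loses the wtmp record since we exit below */`. The exit call and the rest of the function are outside the hunk.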
@@ -2006,12 +2018,15 @@
 				     0);
 	socket_set_portrange(pdata, restricted_data_ports, 
 	    pasv_addr->sa_family); 
-	seteuid(0);
+	if (seteuid(0) < 0)
+		fatal("Failed to seteuid");
 	if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) {
-		seteuid(pw->pw_uid);
+		if (seteuid(pw->pw_uid) < 0)
+			fatal("Failed to seteuid");
 		goto pasv_error;
 	}
-	seteuid(pw->pw_uid);
+	if (seteuid(pw->pw_uid) < 0)
+		fatal("Failed to seteuid");
 	len = sizeof(pasv_addr_ss);
 	if (getsockname(pdata, pasv_addr, &len) < 0)
 		goto pasv_error;
@@ -2050,12 +2065,15 @@
 				     0);
 	socket_set_portrange(pdata, restricted_data_ports, 
 	    pasv_addr->sa_family); 
-	seteuid(0);
+	if (seteuid(0) < 0)
+		fatal("Failed to seteuid");
 	if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) {
-		seteuid(pw->pw_uid);
+		if (seteuid(pw->pw_uid))
+			fatal("Failed to seteuid");
 		goto pasv_error;
 	}
-	seteuid(pw->pw_uid);
+	if (seteuid(pw->pw_uid) < 0)
+		fatal("Failed to seteuid");
 	len = sizeof(pasv_addr_ss);
 	if (getsockname(pdata, pasv_addr, &len) < 0)
 		goto pasv_error;
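Review bot: The check in the bind() failure branch is written `if (seteuid(pw->pw_uid))` while every other call in this patch, including the otherwise identical branch in the previous hunk, uses `< 0`. The two forms behave the same for a 0/-1 return, but the inconsistency looks like an oversight and makes the privilege-drop checks harder to audit by grep. I would write it as `if (seteuid(pw->pw_uid) < 0)` to match. The same regain/bind/drop sequence now appears twice and could be shared by one small static helper.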
diff -u -r heimdal-0.7.2/appl/rcp/rcp.c heimdal-0.7.2-setuid/appl/rcp/rcp.c
--- heimdal-0.7.2/appl/rcp/rcp.c	2005-05-11 13:04:30.000000000 +0200
+++ heimdal-0.7.2-setuid/appl/rcp/rcp.c	2006-08-31 14:49:15.000000000 +0200
@@ -119,13 +119,15 @@
 
 	if (fflag) {			/* Follow "protocol", send data. */
 		response();
-		setuid(userid);
+		if (setuid(userid) < 0)
+			errx(1, "setuid failed");
 		source(argc, argv);
 		exit(errs);
 	}
 
 	if (tflag) {			/* Receive data. */
-		setuid(userid);
+		if (setuid(userid) < 0)
+			errx(1, "setuid failed");
 		sink(argc, argv);
 		exit(errs);
 	}
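Review bot: `errx(1, "setuid failed")` discards errno, so the reason the privilege drop failed is not reported. Using `err(1, "setuid")` in both branches here, and in the third occurrence in the later hunk, would include the system error text at no extra cost. The enclosing function starts and ends outside the hunk.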
@@ -221,7 +223,8 @@
 				if (response() < 0)
 					exit(1);
 				free(bp);
-				setuid(userid);
+				if (setuid(userid) < 0)
+					errx(1, "setuid failed");
 			}
 			source(1, argv+i);
 		}
@@ -270,7 +273,8 @@
 		}
 		free(bp);
 		sink(1, argv + argc - 1);
-		seteuid(0);
+		if (seteuid(0) < 0)
+			exit(1);
 		close(remin);
 		remin = remout = -1;
 	}
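Review bot: The failure path for `seteuid(0)` is a bare `exit(1)` with no message, unlike the `errx()` calls added for `setuid()` elsewhere in this file. A silent exit after the transfer has already run makes the failure hard to diagnose; `err(1, "seteuid")` would be consistent with the rest of the patch. The surrounding loop and function lie outside the hunk.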
diff -u -r heimdal-0.7.2/appl/rcp/util.c heimdal-0.7.2-setuid/appl/rcp/util.c
--- heimdal-0.7.2/appl/rcp/util.c	2005-04-18 09:52:58.000000000 +0200
+++ heimdal-0.7.2-setuid/appl/rcp/util.c	2006-08-31 14:49:15.000000000 +0200
@@ -112,7 +112,8 @@
 		return (127);
 
 	case 0:
-		(void)setuid(userid);
+		if (setuid(userid) < 0)
+			_exit(127);
 		execl(_PATH_BSHELL, "sh", "-c", s, NULL);
 		_exit(127);
 	}
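Review bot: The child now exits with 127 when `setuid(userid)` fails, which is the same status used when `execl()` fails, so the parent cannot tell a refused privilege drop from a missing shell. That is acceptable for a fail-closed child, but it is worth a comment such as `/* refuse to run the command with the wrong uid; 127 as for exec failure */`. The switch and the enclosing function continue outside the hunk.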
diff -u -r heimdal-0.7.2/lib/roken/iruserok.c heimdal-0.7.2-setuid/lib/roken/iruserok.c
--- heimdal-0.7.2/lib/roken/iruserok.c	2005-04-12 13:28:54.000000000 +0200
+++ heimdal-0.7.2-setuid/lib/roken/iruserok.c	2006-08-31 14:49:15.000000000 +0200
@@ -250,7 +250,8 @@
 		 * are protected read/write owner only.
 		 */
 		uid = geteuid();
-		seteuid(pwd->pw_uid);
+		if (seteuid(pwd->pw_uid) < 0)
+			return (-1);
 		hostf = fopen(pbuf, "r");
 		seteuid(uid);
 
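Review bot: The restoring call `seteuid(uid);` two lines below the new check is still unchecked, so if it fails the caller carries on with the target user's effective uid instead of the one it started with. That fails towards less privilege, but the calling daemon is then in a state it does not expect, and the patch's stated aim is to check these return values. I would test it as well, `if (seteuid(uid) < 0)`, closing `hostf` if it was opened and returning -1. The rest of the function is outside the hunk, so where `hostf` is otherwise closed is not visible here.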
