[prev in list] [next in list] [prev in thread] [next in thread]
List: mandrake-security-announce
Subject: [Security Announce] MDKSA-2005:119 - Updated krb5 packages fix
From: Mandriva Security Team <security () mandriva ! com>
Date: 2005-07-14 3:28:12
Message-ID: E1DsuOS-0005Uu-9K () mercury ! mandriva ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: krb5
Advisory ID: MDKSA-2005:119
Date: July 13th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1,
Multi Network Firewall 2.0
______________________________________________________________________
Problem Description:
A number of vulnerabilities have been corrected in this Kerberos
update:
The rcp protocol would allow a server to instruct a client to write to
arbitrary files outside of the current directory. The Kerberos-aware
rcp could be abused to copy files from a malicious server
(CAN-2004-0175).
Gael Delalleau discovered an information disclosure vulnerability in
the way some telnet clients handled messages from a server. This could
be abused by a malicious telnet server to collect information from the
environment of any victim connecting to the server using the Kerberos-
aware telnet client (CAN-2005-0488).
Daniel Wachdorf disovered that in error conditions that could occur in
response to correctly-formatted client requests, the Kerberos 5 KDC may
attempt to free uninitialized memory, which could cause the KDC to
crash resulting in a Denial of Service (CAN-2005-1174).
Daniel Wachdorf also discovered a single-byte heap overflow in the
krb5_unparse_name() function that could, if successfully exploited,
lead to a crash, resulting in a DoS. To trigger this flaw, an attacker
would need to have control of a Kerberos realm that shares a cross-
realm key with the target (CAN-2005-1175).
Finally, a double-free flaw was discovered in the krb5_recvauth()
routine which could be triggered by a remote unauthenticated attacker.
This issue could potentially be exploited to allow for the execution of
arbitrary code on a KDC. No exploit is currently known to exist
(CAN-2005-1689).
The updated packages have been patched to address this issue and
Mandriva urges all users to upgrade to these packages as quickly as
possible.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1689
http://www.kb.cert.org/vuls/id/623332
http://www.kb.cert.org/vuls/id/259798
http://www.kb.cert.org/vuls/id/885830
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
c87b9ac1660b8cb7909f0d7809e60c16 10.0/RPMS/ftp-client-krb5-1.3-6.6.100mdk.i586.rpm
6f42470b37ea66bb7570694acf4b170c 10.0/RPMS/ftp-server-krb5-1.3-6.6.100mdk.i586.rpm
bf802310809218151a91f70b431f58f7 10.0/RPMS/krb5-server-1.3-6.6.100mdk.i586.rpm
dd0120f441cbe289189c98d1a6e7c9b5 10.0/RPMS/krb5-workstation-1.3-6.6.100mdk.i586.rpm
69c40a89709e887063a3e817325125b9 10.0/RPMS/libkrb51-1.3-6.6.100mdk.i586.rpm
34a0289675fc35576e2cb715a6e2117b 10.0/RPMS/libkrb51-devel-1.3-6.6.100mdk.i586.rpm
bed8b731d7e752b4bcffe98abdbd7d3e \
10.0/RPMS/telnet-client-krb5-1.3-6.6.100mdk.i586.rpm \
7b01eaa867670ef32aafc0c62d1e9b01 \
10.0/RPMS/telnet-server-krb5-1.3-6.6.100mdk.i586.rpm \
7b00ffd04e5fb1328a8ecfc3bad58827 10.0/SRPMS/krb5-1.3-6.6.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
174fdb05eb1f32630ff9e7796800f554 \
amd64/10.0/RPMS/ftp-client-krb5-1.3-6.6.100mdk.amd64.rpm \
97eb89e96cccdd269d1aed4c19d0c31c \
amd64/10.0/RPMS/ftp-server-krb5-1.3-6.6.100mdk.amd64.rpm \
f57777163fcbca96e8f032fe22134414 \
amd64/10.0/RPMS/krb5-server-1.3-6.6.100mdk.amd64.rpm \
befa694e6b367b7ad9ac6f127edb28c4 \
amd64/10.0/RPMS/krb5-workstation-1.3-6.6.100mdk.amd64.rpm \
caaa22fb8566f59f749234cb6d2065f1 amd64/10.0/RPMS/lib64krb51-1.3-6.6.100mdk.amd64.rpm \
8f869dbf84022f913fc14841741cba82 \
amd64/10.0/RPMS/lib64krb51-devel-1.3-6.6.100mdk.amd64.rpm \
83d63d52ab2fa1545a8bfbcd81cf4b89 \
amd64/10.0/RPMS/telnet-client-krb5-1.3-6.6.100mdk.amd64.rpm \
ba7fc18ac57bda1f05aaf42c82dcd196 \
amd64/10.0/RPMS/telnet-server-krb5-1.3-6.6.100mdk.amd64.rpm \
7b00ffd04e5fb1328a8ecfc3bad58827 amd64/10.0/SRPMS/krb5-1.3-6.6.100mdk.src.rpm
Mandrakelinux 10.1:
fb9247177c9a8e1c97058458c70e6a38 \
10.1/RPMS/ftp-client-krb5-1.3.4-2.3.101mdk.i586.rpm dc55f0d19df94d5c4314ba7476d267f7 \
10.1/RPMS/ftp-server-krb5-1.3.4-2.3.101mdk.i586.rpm 0a87d233095d1cd13ee637153dcc5b59 \
10.1/RPMS/krb5-server-1.3.4-2.3.101mdk.i586.rpm f8e4067a77c9d5bb681d2460bf2063b9 \
10.1/RPMS/krb5-workstation-1.3.4-2.3.101mdk.i586.rpm \
e0d4e8e580f3b6499bc405aed49552d3 10.1/RPMS/libkrb53-1.3.4-2.3.101mdk.i586.rpm \
73e3abef9c847fe90db56483531a1cf1 10.1/RPMS/libkrb53-devel-1.3.4-2.3.101mdk.i586.rpm \
ab219aaacc9c024b737f323350f20745 \
10.1/RPMS/telnet-client-krb5-1.3.4-2.3.101mdk.i586.rpm \
59950fc14b9ebde521822ceb72e020b5 \
10.1/RPMS/telnet-server-krb5-1.3.4-2.3.101mdk.i586.rpm \
b6791f0e031795f328a2373bd6bff4af 10.1/SRPMS/krb5-1.3.4-2.3.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
7cc15d17e2dd069951ae1033e2e5da0f \
x86_64/10.1/RPMS/ftp-client-krb5-1.3.4-2.3.101mdk.x86_64.rpm \
08d8d3cd6b8e3be3a0647feb3a041cc0 \
x86_64/10.1/RPMS/ftp-server-krb5-1.3.4-2.3.101mdk.x86_64.rpm \
6ef2f47ace0c658673c20e7428058b3f \
x86_64/10.1/RPMS/krb5-server-1.3.4-2.3.101mdk.x86_64.rpm \
eb7c38bbfacd43534d2508872ae07637 \
x86_64/10.1/RPMS/krb5-workstation-1.3.4-2.3.101mdk.x86_64.rpm \
911d542523934cae7891eb3aa1b4c22c \
x86_64/10.1/RPMS/lib64krb53-1.3.4-2.3.101mdk.x86_64.rpm \
42c8a131ea1bb6b4a71826fa0367dcd9 \
x86_64/10.1/RPMS/lib64krb53-devel-1.3.4-2.3.101mdk.x86_64.rpm \
991aadec0a33745198589b1619f42190 \
x86_64/10.1/RPMS/telnet-client-krb5-1.3.4-2.3.101mdk.x86_64.rpm \
9fecbd14c5b908416e2eb5b8b7900602 \
x86_64/10.1/RPMS/telnet-server-krb5-1.3.4-2.3.101mdk.x86_64.rpm \
b6791f0e031795f328a2373bd6bff4af x86_64/10.1/SRPMS/krb5-1.3.4-2.3.101mdk.src.rpm
Mandrakelinux 10.2:
2370d0bcd8e1055b828cbc5fd61b80fb \
10.2/RPMS/ftp-client-krb5-1.3.6-6.1.102mdk.i586.rpm 77d6d6822faf2d46126324d52b7de350 \
10.2/RPMS/ftp-server-krb5-1.3.6-6.1.102mdk.i586.rpm fd97b673156aab9df1dd084fa00ca4ee \
10.2/RPMS/krb5-server-1.3.6-6.1.102mdk.i586.rpm e097b32bff94a889e9287328ea4383a7 \
10.2/RPMS/krb5-workstation-1.3.6-6.1.102mdk.i586.rpm \
10b12d24aeacbc51a72c5f6df7e063ab 10.2/RPMS/libkrb53-1.3.6-6.1.102mdk.i586.rpm \
c1b8458fdd25b9ac51338978958886b9 10.2/RPMS/libkrb53-devel-1.3.6-6.1.102mdk.i586.rpm \
225fb2cfd2b8a30d0743cc691a98f862 \
10.2/RPMS/telnet-client-krb5-1.3.6-6.1.102mdk.i586.rpm \
c7145ab6eb80b5a5bd6438dc1292c208 \
10.2/RPMS/telnet-server-krb5-1.3.6-6.1.102mdk.i586.rpm \
fc23e2f504e65b3ed2304bbf44b17626 10.2/SRPMS/krb5-1.3.6-6.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
48bf82662d9dc709f7b6fc93d408ec36 \
x86_64/10.2/RPMS/ftp-client-krb5-1.3.6-6.1.102mdk.x86_64.rpm \
a99dcafc0f131bee2fdd481a3c3b74ae \
x86_64/10.2/RPMS/ftp-server-krb5-1.3.6-6.1.102mdk.x86_64.rpm \
6575fa785756ec309bc9a532ea201998 \
x86_64/10.2/RPMS/krb5-server-1.3.6-6.1.102mdk.x86_64.rpm \
9de12fff0f2556fc1b37309f3df38f43 \
x86_64/10.2/RPMS/krb5-workstation-1.3.6-6.1.102mdk.x86_64.rpm \
979d3a3a1076b5e1379388dfa12cbf14 \
x86_64/10.2/RPMS/lib64krb53-1.3.6-6.1.102mdk.x86_64.rpm \
51fdffc99853d03ae464cfd45e477cf8 \
x86_64/10.2/RPMS/lib64krb53-devel-1.3.6-6.1.102mdk.x86_64.rpm \
0f52ac0e1c637d1c9cd8ec0ce40f9221 \
x86_64/10.2/RPMS/telnet-client-krb5-1.3.6-6.1.102mdk.x86_64.rpm \
398385ff0c438b3ddf4e086a44ae118c \
x86_64/10.2/RPMS/telnet-server-krb5-1.3.6-6.1.102mdk.x86_64.rpm \
fc23e2f504e65b3ed2304bbf44b17626 x86_64/10.2/SRPMS/krb5-1.3.6-6.1.102mdk.src.rpm
Multi Network Firewall 2.0:
fabcf16faccef529a4a5d95e52e4474a mnf/2.0/RPMS/libkrb51-1.3-6.6.M20mdk.i586.rpm
0a612cf3624c0e0279705eb4658cf08e mnf/2.0/SRPMS/krb5-1.3-6.6.M20mdk.src.rpm
Corporate Server 2.1:
fb109362079c6f8a2aec1ca618882513 \
corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.10.C21mdk.i586.rpm \
92725fca271543c54c907c4860a9c225 \
corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.10.C21mdk.i586.rpm \
bc56956b9c25b804e9238aa750c79688 \
corporate/2.1/RPMS/krb5-devel-1.2.5-1.10.C21mdk.i586.rpm \
85da226bcd5c58f611c77e457505e660 \
corporate/2.1/RPMS/krb5-libs-1.2.5-1.10.C21mdk.i586.rpm \
680c3f4ff6a53c12ea5f706858a29c30 \
corporate/2.1/RPMS/krb5-server-1.2.5-1.10.C21mdk.i586.rpm \
ed55cd70d63d65c1ef644672a331beca \
corporate/2.1/RPMS/krb5-workstation-1.2.5-1.10.C21mdk.i586.rpm \
2032b8637d45463118b6b2cec796ea89 \
corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.10.C21mdk.i586.rpm \
2f0aedf68f2a0e33a6a94139eaf50cac \
corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.10.C21mdk.i586.rpm \
5998fcf5b2a19bac3f513fd9a196093f corporate/2.1/SRPMS/krb5-1.2.5-1.10.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
ef0287c7f515b77e4ee9c816564298c1 \
x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.10.C21mdk.x86_64.rpm \
94268948f1c84bb9f2b194d02467e3e6 \
x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.10.C21mdk.x86_64.rpm \
5f07977c217d7e8f03cf1264671100ea \
x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.10.C21mdk.x86_64.rpm \
2af63c080bcce672cb112ecfcddd79cd \
x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.10.C21mdk.x86_64.rpm \
224dfdac58646589d1bd5a50bb4ca3b9 \
x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.10.C21mdk.x86_64.rpm \
199e3235e0ed34edc0d2ce377534c441 \
x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.10.C21mdk.x86_64.rpm \
65b63aa5728e478eb566100c1e2a8061 \
x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.10.C21mdk.x86_64.rpm \
0550444014da765a97deea983332d45e \
x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.10.C21mdk.x86_64.rpm \
5998fcf5b2a19bac3f513fd9a196093f \
x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.10.C21mdk.src.rpm
Corporate 3.0:
dc39a416e792dbe6bd3c30e2a4be7350 \
corporate/3.0/RPMS/ftp-client-krb5-1.3-6.6.C30mdk.i586.rpm \
1a351c0d939faecda9051d9432afe724 \
corporate/3.0/RPMS/ftp-server-krb5-1.3-6.6.C30mdk.i586.rpm \
ddd38c40766625e7ac7a2c7964d1bf99 \
corporate/3.0/RPMS/krb5-server-1.3-6.6.C30mdk.i586.rpm \
8e83fef835a01e12aa3273b8b8970717 \
corporate/3.0/RPMS/krb5-workstation-1.3-6.6.C30mdk.i586.rpm \
24a4d0ffa3c2651121d7f7381cafad29 corporate/3.0/RPMS/libkrb51-1.3-6.6.C30mdk.i586.rpm \
be8a2e1088d1b06054a97c773960b0e0 \
corporate/3.0/RPMS/libkrb51-devel-1.3-6.6.C30mdk.i586.rpm \
1274d73b2ada444ebe50b998d1d83d6a \
corporate/3.0/RPMS/telnet-client-krb5-1.3-6.6.C30mdk.i586.rpm \
fdf3981cdc25a9afee54a61cb01d042c \
corporate/3.0/RPMS/telnet-server-krb5-1.3-6.6.C30mdk.i586.rpm \
1738741854a9259ef09e6a6325349a14 corporate/3.0/SRPMS/krb5-1.3-6.6.C30mdk.src.rpm
Corporate 3.0/X86_64:
e6eda8a4875598ce56e56a7c45a9ca95 \
x86_64/corporate/3.0/RPMS/ftp-client-krb5-1.3-6.6.C30mdk.x86_64.rpm \
e7bd3ed8c1e29b25ebb3bffc3fa8c46a \
x86_64/corporate/3.0/RPMS/ftp-server-krb5-1.3-6.6.C30mdk.x86_64.rpm \
e134c8918d95e99784b9e1a4078fd7ab \
x86_64/corporate/3.0/RPMS/krb5-server-1.3-6.6.C30mdk.x86_64.rpm \
0bf662ecfd42b2f68b2af8e05ad510c7 \
x86_64/corporate/3.0/RPMS/krb5-workstation-1.3-6.6.C30mdk.x86_64.rpm \
262c7ec2ae2a0f72f3891abd5ed1b400 \
x86_64/corporate/3.0/RPMS/lib64krb51-1.3-6.6.C30mdk.x86_64.rpm \
be39364202543ef56bbce8f5d69bf309 \
x86_64/corporate/3.0/RPMS/lib64krb51-devel-1.3-6.6.C30mdk.x86_64.rpm \
d734050c0bfc0e5e65834aee4df6c77d \
x86_64/corporate/3.0/RPMS/telnet-client-krb5-1.3-6.6.C30mdk.x86_64.rpm \
3a78f34256effe43feb9d6f3dc0fc62d \
x86_64/corporate/3.0/RPMS/telnet-server-krb5-1.3-6.6.C30mdk.x86_64.rpm \
1738741854a9259ef09e6a6325349a14 \
x86_64/corporate/3.0/SRPMS/krb5-1.3-6.6.C30mdk.src.rpm \
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFC1dvMmqjQ0CJFipgRArE7AJ9waVzWhtxKjvlZlKVtc6/OfznZNQCdG0Dn
n5En05/4DjAyPg88vHEBPQg=
=YWXS
-----END PGP SIGNATURE-----
["message.footer" (text/plain)]
To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic