
MDKSA-2004:056 - Updated krb5 packages fix buffer overflow vulnerabilities



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           krb5
 Advisory ID:            MDKSA-2004:056
 Date:                   June 3rd, 2004

 Affected versions:      10.0, 9.1, 9.2, Corporate Server 2.1,
                         Multi Network Firewall 8.2
 ______________________________________________________________________

 Problem Description:

 Multiple buffer overflows exist in the krb5_aname_to_localname()
 library function that, if exploited, could lead to unauthorized root
 privileges.  To exploit this flaw, an attacker must first
 successfully authenticate to a vulnerable service, and that service
 must be configured to enable the explicit mapping or rules-based
 mapping functionality of krb5_aname_to_localname(), which is not a
 default configuration.
 
 Mandrakesoft encourages all users to upgrade to these patched krb5
 packages.
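
 The non-default precondition named above can be checked on a host by
 inspecting krb5.conf: in MIT krb5, rules-based mapping is configured with
 "auth_to_local = RULE:..." entries and explicit mapping with an
 "auth_to_local_names" subsection of a realm.  The following is an added
 example, not part of the Mandrakesoft advisory; the sample configuration
 and the function name find_mapping_settings are constructed for
 illustration.

```python
import re

# Constructed sample krb5.conf for illustration; realm and host names are placeholders.
SAMPLE_KRB5_CONF = """\
[realms]
    EXAMPLE.COM = {
        kdc = kdc.example.com
        auth_to_local = RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//
        auth_to_local = DEFAULT
    }
    LAB.EXAMPLE.COM = {
        auth_to_local_names = {
            alice = asmith
        }
    }
    PLAIN.EXAMPLE.COM = {
        kdc = kdc.plain.example.com
        # auth_to_local = RULE:[1:$1]
    }
"""

def find_mapping_settings(conf_text):
    """Return sorted (realm, kind) pairs for realms with non-default name mapping."""
    findings = set()
    section, stack = None, []      # stack: names of open { } blocks in the section
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            section, stack = header.group(1), []
            continue
        if line.startswith("}"):
            stack = stack[:-1]                   # close the innermost open block
            continue
        key, sep, value = (part.strip() for part in line.partition("="))
        if sep and value == "{":                 # opens a realm or a subsection
            stack.append(key)
        elif sep and section == "realms" and stack:
            if len(stack) == 1 and key == "auth_to_local" and value.startswith("RULE:"):
                findings.add((stack[0], "rules-based"))
            elif len(stack) == 2 and stack[1] == "auth_to_local_names":
                findings.add((stack[0], "explicit"))
    return sorted(findings)

if __name__ == "__main__":
    for realm, kind in find_mapping_settings(SAMPLE_KRB5_CONF):
        print(f"{realm}: {kind} mapping enabled; prioritize the krb5 update")
```

 A realm that only uses "auth_to_local = DEFAULT", or has no mapping
 entries at all, is not reported.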
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0523
  http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
 ______________________________________________________________________

 Updated Packages:
  
 _______________________________________________________________________

 To upgrade automatically, use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAv6LEmqjQ0CJFipgRAmP2AJ9yz70XbcN/fd6EjyQcyQbyoddqEACg59bD
1nsN3/ilgIlGelRpvf4eJqw=
=EigO
-----END PGP SIGNATURE-----