MDKSA-2005:061 - Updated krb5 packages fix telnet client vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: krb5
Advisory ID: MDKSA-2005:061
Date: March 29th, 2005
Affected versions: 10.0, 10.1, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________
Problem Description:
Two buffer overflow issues were discovered in the way telnet clients
handle messages from a server. Because of these issues, an attacker
may be able to execute arbitray code on the victim's machine if the
victim can be tricked into connecting to a malicious telnet server.
The Kerberos package contains a telnet client and is patched to deal
with these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
d216766af945b3213fa495721eed9457
10.0/RPMS/ftp-client-krb5-1.3-6.5.100mdk.i586.rpm
4655dcb4b78bbdb435b07647516197a6
10.0/RPMS/ftp-server-krb5-1.3-6.5.100mdk.i586.rpm
4875bd7e3527e46a14d03715981debd1 10.0/RPMS/krb5-server-1.3-6.5.100mdk.i586.rpm
a56ef2f2bdf568b60b1755edf5bf029d
10.0/RPMS/krb5-workstation-1.3-6.5.100mdk.i586.rpm
83810da26099bef4f9f62dda0bfaac25 10.0/RPMS/libkrb51-1.3-6.5.100mdk.i586.rpm
f8ddb6ad7c7c00b73705deb466ec6bd6
10.0/RPMS/libkrb51-devel-1.3-6.5.100mdk.i586.rpm
61d0f706174d181aa85c50e20f6fb5c8
10.0/RPMS/telnet-client-krb5-1.3-6.5.100mdk.i586.rpm
79e059ee2cc3d074a20b91ce7143ac81
10.0/RPMS/telnet-server-krb5-1.3-6.5.100mdk.i586.rpm
ec23fa86417932cf45135d0893f0c110 10.0/SRPMS/krb5-1.3-6.5.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
26c8933dd197c552b0f7ea1df7bae8a8
amd64/10.0/RPMS/ftp-client-krb5-1.3-6.5.100mdk.amd64.rpm
4bde97f1286a8dafa48ee43f4302f193
amd64/10.0/RPMS/ftp-server-krb5-1.3-6.5.100mdk.amd64.rpm
fdaa11624a29da312e3924016469eefc
amd64/10.0/RPMS/krb5-server-1.3-6.5.100mdk.amd64.rpm
33d0343e61194c4bb0229df79e6fed26
amd64/10.0/RPMS/krb5-workstation-1.3-6.5.100mdk.amd64.rpm
828b1af5ad010a37732e37f8007bbc47
amd64/10.0/RPMS/lib64krb51-1.3-6.5.100mdk.amd64.rpm
b3e0ecc91df33626c4122ab1fb3d0ea9
amd64/10.0/RPMS/lib64krb51-devel-1.3-6.5.100mdk.amd64.rpm
068087c8e22ebff7328b2a9ade91a9bc
amd64/10.0/RPMS/telnet-client-krb5-1.3-6.5.100mdk.amd64.rpm
a263757976186907b1a2645fbe315e0e
amd64/10.0/RPMS/telnet-server-krb5-1.3-6.5.100mdk.amd64.rpm
ec23fa86417932cf45135d0893f0c110 amd64/10.0/SRPMS/krb5-1.3-6.5.100mdk.src.rpm
Mandrakelinux 10.1:
819e71fe8e2830787b2e808455b02821
10.1/RPMS/ftp-client-krb5-1.3.4-2.2.101mdk.i586.rpm
3a48e58ff59a5712778242d376741386
10.1/RPMS/ftp-server-krb5-1.3.4-2.2.101mdk.i586.rpm
ba2b20121bc71355e6c8107c69cbf0d0
10.1/RPMS/krb5-server-1.3.4-2.2.101mdk.i586.rpm
f7aeec8d096cd901112e5d2200de456f
10.1/RPMS/krb5-workstation-1.3.4-2.2.101mdk.i586.rpm
29049325af00777f56ec2f28cd8db39a 10.1/RPMS/libkrb53-1.3.4-2.2.101mdk.i586.rpm
2adb15276ecbf76e60d851999fab9a1d
10.1/RPMS/libkrb53-devel-1.3.4-2.2.101mdk.i586.rpm
caf892a19e7be7e745ef8e9aa75789c0
10.1/RPMS/telnet-client-krb5-1.3.4-2.2.101mdk.i586.rpm
7bc66dfe0330642b5d75fdd34f7b06e5
10.1/RPMS/telnet-server-krb5-1.3.4-2.2.101mdk.i586.rpm
10b2b7dbc3d5f8cc59c89603d295cfaf 10.1/SRPMS/krb5-1.3.4-2.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
23d8a6b17b39f9381e9b0dd7793ab7b8
x86_64/10.1/RPMS/ftp-client-krb5-1.3.4-2.2.101mdk.x86_64.rpm
a008345d73abf100b15cad0087f01072
x86_64/10.1/RPMS/ftp-server-krb5-1.3.4-2.2.101mdk.x86_64.rpm
18a341812ca08af8bd5c494db3ec5ff3
x86_64/10.1/RPMS/krb5-server-1.3.4-2.2.101mdk.x86_64.rpm
28714dcb521545d74438c91ab3794815
x86_64/10.1/RPMS/krb5-workstation-1.3.4-2.2.101mdk.x86_64.rpm
035cba17cbc35bd3d822d3758a2698dd
x86_64/10.1/RPMS/lib64krb53-1.3.4-2.2.101mdk.x86_64.rpm
fc77f44380cfdd2bd1819e8bd8492561
x86_64/10.1/RPMS/lib64krb53-devel-1.3.4-2.2.101mdk.x86_64.rpm
90f2d0b38cbf9af1d587972cc68d1d6d
x86_64/10.1/RPMS/telnet-client-krb5-1.3.4-2.2.101mdk.x86_64.rpm
826a853d8dc641bd8bfb28199bbaa64a
x86_64/10.1/RPMS/telnet-server-krb5-1.3.4-2.2.101mdk.x86_64.rpm
10b2b7dbc3d5f8cc59c89603d295cfaf
x86_64/10.1/SRPMS/krb5-1.3.4-2.2.101mdk.src.rpm
Corporate Server 2.1:
486bdb41d4354eed4fcf58eb52a82fa9
corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.9.C21mdk.i586.rpm
55cc181680ac84751723deb93719decc
corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.9.C21mdk.i586.rpm
c98550fca5f3eeeabf62a86ddbf92a07
corporate/2.1/RPMS/krb5-devel-1.2.5-1.9.C21mdk.i586.rpm
b8bb87ae54bdb56458c3388fecb63d6f
corporate/2.1/RPMS/krb5-libs-1.2.5-1.9.C21mdk.i586.rpm
b8763fea4c3c156938ba784a3edf51b9
corporate/2.1/RPMS/krb5-server-1.2.5-1.9.C21mdk.i586.rpm
e6a0318b748f65a0507f8c16bc23dc49
corporate/2.1/RPMS/krb5-workstation-1.2.5-1.9.C21mdk.i586.rpm
327c046ca43c40ab9794398f20a5b38f
corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.9.C21mdk.i586.rpm
a82c3b4f9eb67504899c5f3f281d9fe5
corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.9.C21mdk.i586.rpm
259065ab96525bc8d7b77d4c25e13f4b
corporate/2.1/SRPMS/krb5-1.2.5-1.9.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
f6d4eff2a3feb87000460ca695bd51de
x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.9.C21mdk.x86_64.rpm
255d0bc8c3244b27431d226d4999f6d6
x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.9.C21mdk.x86_64.rpm
240f422fe36e908fcb26e90f9170fbc3
x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.9.C21mdk.x86_64.rpm
772fed2dada99bd8d2ac4643731cf739
x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.9.C21mdk.x86_64.rpm
26b555deaeced633f99b388c9e03e18b
x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.9.C21mdk.x86_64.rpm
e2f5e23567066ef2546f7c2ce9e1cd8f
x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.9.C21mdk.x86_64.rpm
45279cc9a731458a3720a38c99e6f4c3
x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.9.C21mdk.x86_64.rpm
214b7f27352dc9ebf55633422f9572cc
x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.9.C21mdk.x86_64.rpm
259065ab96525bc8d7b77d4c25e13f4b
x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.9.C21mdk.src.rpm
Corporate 3.0:
28d851910a75805853c5c39cba4fffea
corporate/3.0/RPMS/ftp-client-krb5-1.3-6.5.C30mdk.i586.rpm
ac605c26e631edf484d62d8d97ddda69
corporate/3.0/RPMS/ftp-server-krb5-1.3-6.5.C30mdk.i586.rpm
c666ec50bdf3a3044ef0f7248ee8e56e
corporate/3.0/RPMS/krb5-server-1.3-6.5.C30mdk.i586.rpm
e7713877b0e4a4fa6ec709b9fd5e702b
corporate/3.0/RPMS/krb5-workstation-1.3-6.5.C30mdk.i586.rpm
bb77997163c45e09fc31b15d46139525
corporate/3.0/RPMS/libkrb51-1.3-6.5.C30mdk.i586.rpm
283c5da56f61674465641cfb354dc491
corporate/3.0/RPMS/libkrb51-devel-1.3-6.5.C30mdk.i586.rpm
405188eb42b03830b8b11c63e36cda97
corporate/3.0/RPMS/telnet-client-krb5-1.3-6.5.C30mdk.i586.rpm
0d4f11a5eb627b9e67781d0497cfadb4
corporate/3.0/RPMS/telnet-server-krb5-1.3-6.5.C30mdk.i586.rpm
c38d8569fd587baf9f7d45db41fe5c93
corporate/3.0/SRPMS/krb5-1.3-6.5.C30mdk.src.rpm
Corporate 3.0/X86_64:
405fd1d117ce34ce2ed7c19f3fc0f014
x86_64/corporate/3.0/RPMS/ftp-client-krb5-1.3-6.5.C30mdk.x86_64.rpm
e6b5b0dd59bc08bfd1459ce4857a7776
x86_64/corporate/3.0/RPMS/ftp-server-krb5-1.3-6.5.C30mdk.x86_64.rpm
22b5a0f8b3c83ddb3231ea7ce4fbc736
x86_64/corporate/3.0/RPMS/krb5-server-1.3-6.5.C30mdk.x86_64.rpm
1027fec85d3450f7b2144d1578f4b0f6
x86_64/corporate/3.0/RPMS/krb5-workstation-1.3-6.5.C30mdk.x86_64.rpm
96113ec9be72c272cdfeddcd6c2328ad
x86_64/corporate/3.0/RPMS/lib64krb51-1.3-6.5.C30mdk.x86_64.rpm
733bfb924f9f743d6c9a303e2d6b6ece
x86_64/corporate/3.0/RPMS/lib64krb51-devel-1.3-6.5.C30mdk.x86_64.rpm
5970d9cd024f5397d985acada35fffcd
x86_64/corporate/3.0/RPMS/telnet-client-krb5-1.3-6.5.C30mdk.x86_64.rpm
c856eeb8859708c5345a5a19506a3a89
x86_64/corporate/3.0/RPMS/telnet-server-krb5-1.3-6.5.C30mdk.x86_64.rpm
c38d8569fd587baf9f7d45db41fe5c93
x86_64/corporate/3.0/SRPMS/krb5-1.3-6.5.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCSi51mqjQ0CJFipgRAqwvAKDGGsfIY71sgXy+32G8S+MmbcoAEQCfRXSl
bMknFu0Bau5M1KAiLQI8mVE=
=rQTg
-----END PGP SIGNATURE-----