MDKSA-2005:119 - Updated krb5 packages fix multiple vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MDKSA-2005:119 - Updated krb5 packages fix multiple vulnerabilities
From: Mandriva Security Team <security@xxxxxxxxxxxx>
Date: Wed, 13 Jul 2005 21:28:12 -0600
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Sender: QATeam User <qateam@xxxxxxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           krb5
 Advisory ID:            MDKSA-2005:119
 Date:                   July 13th, 2005

 Affected versions:      10.0, 10.1, 10.2, Corporate 3.0,
                         Corporate Server 2.1,
                         Multi Network Firewall 2.0
 ______________________________________________________________________

 Problem Description:

 A number of vulnerabilities have been corrected in this Kerberos
 update:
 
 The rcp protocol would allow a server to instruct a client to write to
 arbitrary files outside of the current directory.  The Kerberos-aware
 rcp could be abused to copy files from a malicious server
 (CAN-2004-0175).
 
 Gael Delalleau discovered an information disclosure vulnerability in
 the way some telnet clients handled messages from a server.  This could
 be abused by a malicious telnet server to collect information from the
 environment of any victim connecting to the server using the Kerberos-
 aware telnet client (CAN-2005-0488).
 
 Daniel Wachdorf disovered that in error conditions that could occur in
 response to correctly-formatted client requests, the Kerberos 5 KDC may
 attempt to free uninitialized memory, which could cause the KDC to
 crash resulting in a Denial of Service (CAN-2005-1174).
 
 Daniel Wachdorf also discovered a single-byte heap overflow in the
 krb5_unparse_name() function that could, if successfully exploited,
 lead to a crash, resulting in a DoS.  To trigger this flaw, an attacker
 would need to have control of a Kerberos realm that shares a cross-
 realm key with the target (CAN-2005-1175).
 
 Finally, a double-free flaw was discovered in the krb5_recvauth()
 routine which could be triggered by a remote unauthenticated attacker.
 This issue could potentially be exploited to allow for the execution of
 arbitrary code on a KDC.  No exploit is currently known to exist
 (CAN-2005-1689).
 
 The updated packages have been patched to address this issue and
 Mandriva urges all users to upgrade to these packages as quickly as
 possible.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1174
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1175
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1689
  http://www.kb.cert.org/vuls/id/623332
  http://www.kb.cert.org/vuls/id/259798
  http://www.kb.cert.org/vuls/id/885830
  http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt
  http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 c87b9ac1660b8cb7909f0d7809e60c16  
10.0/RPMS/ftp-client-krb5-1.3-6.6.100mdk.i586.rpm
 6f42470b37ea66bb7570694acf4b170c  
10.0/RPMS/ftp-server-krb5-1.3-6.6.100mdk.i586.rpm
 bf802310809218151a91f70b431f58f7  10.0/RPMS/krb5-server-1.3-6.6.100mdk.i586.rpm
 dd0120f441cbe289189c98d1a6e7c9b5  
10.0/RPMS/krb5-workstation-1.3-6.6.100mdk.i586.rpm
 69c40a89709e887063a3e817325125b9  10.0/RPMS/libkrb51-1.3-6.6.100mdk.i586.rpm
 34a0289675fc35576e2cb715a6e2117b  
10.0/RPMS/libkrb51-devel-1.3-6.6.100mdk.i586.rpm
 bed8b731d7e752b4bcffe98abdbd7d3e  
10.0/RPMS/telnet-client-krb5-1.3-6.6.100mdk.i586.rpm
 7b01eaa867670ef32aafc0c62d1e9b01  
10.0/RPMS/telnet-server-krb5-1.3-6.6.100mdk.i586.rpm
 7b00ffd04e5fb1328a8ecfc3bad58827  10.0/SRPMS/krb5-1.3-6.6.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 174fdb05eb1f32630ff9e7796800f554  
amd64/10.0/RPMS/ftp-client-krb5-1.3-6.6.100mdk.amd64.rpm
 97eb89e96cccdd269d1aed4c19d0c31c  
amd64/10.0/RPMS/ftp-server-krb5-1.3-6.6.100mdk.amd64.rpm
 f57777163fcbca96e8f032fe22134414  
amd64/10.0/RPMS/krb5-server-1.3-6.6.100mdk.amd64.rpm
 befa694e6b367b7ad9ac6f127edb28c4  
amd64/10.0/RPMS/krb5-workstation-1.3-6.6.100mdk.amd64.rpm
 caaa22fb8566f59f749234cb6d2065f1  
amd64/10.0/RPMS/lib64krb51-1.3-6.6.100mdk.amd64.rpm
 8f869dbf84022f913fc14841741cba82  
amd64/10.0/RPMS/lib64krb51-devel-1.3-6.6.100mdk.amd64.rpm
 83d63d52ab2fa1545a8bfbcd81cf4b89  
amd64/10.0/RPMS/telnet-client-krb5-1.3-6.6.100mdk.amd64.rpm
 ba7fc18ac57bda1f05aaf42c82dcd196  
amd64/10.0/RPMS/telnet-server-krb5-1.3-6.6.100mdk.amd64.rpm
 7b00ffd04e5fb1328a8ecfc3bad58827  amd64/10.0/SRPMS/krb5-1.3-6.6.100mdk.src.rpm

 Mandrakelinux 10.1:
 fb9247177c9a8e1c97058458c70e6a38  
10.1/RPMS/ftp-client-krb5-1.3.4-2.3.101mdk.i586.rpm
 dc55f0d19df94d5c4314ba7476d267f7  
10.1/RPMS/ftp-server-krb5-1.3.4-2.3.101mdk.i586.rpm
 0a87d233095d1cd13ee637153dcc5b59  
10.1/RPMS/krb5-server-1.3.4-2.3.101mdk.i586.rpm
 f8e4067a77c9d5bb681d2460bf2063b9  
10.1/RPMS/krb5-workstation-1.3.4-2.3.101mdk.i586.rpm
 e0d4e8e580f3b6499bc405aed49552d3  10.1/RPMS/libkrb53-1.3.4-2.3.101mdk.i586.rpm
 73e3abef9c847fe90db56483531a1cf1  
10.1/RPMS/libkrb53-devel-1.3.4-2.3.101mdk.i586.rpm
 ab219aaacc9c024b737f323350f20745  
10.1/RPMS/telnet-client-krb5-1.3.4-2.3.101mdk.i586.rpm
 59950fc14b9ebde521822ceb72e020b5  
10.1/RPMS/telnet-server-krb5-1.3.4-2.3.101mdk.i586.rpm
 b6791f0e031795f328a2373bd6bff4af  10.1/SRPMS/krb5-1.3.4-2.3.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 7cc15d17e2dd069951ae1033e2e5da0f  
x86_64/10.1/RPMS/ftp-client-krb5-1.3.4-2.3.101mdk.x86_64.rpm
 08d8d3cd6b8e3be3a0647feb3a041cc0  
x86_64/10.1/RPMS/ftp-server-krb5-1.3.4-2.3.101mdk.x86_64.rpm
 6ef2f47ace0c658673c20e7428058b3f  
x86_64/10.1/RPMS/krb5-server-1.3.4-2.3.101mdk.x86_64.rpm
 eb7c38bbfacd43534d2508872ae07637  
x86_64/10.1/RPMS/krb5-workstation-1.3.4-2.3.101mdk.x86_64.rpm
 911d542523934cae7891eb3aa1b4c22c  
x86_64/10.1/RPMS/lib64krb53-1.3.4-2.3.101mdk.x86_64.rpm
 42c8a131ea1bb6b4a71826fa0367dcd9  
x86_64/10.1/RPMS/lib64krb53-devel-1.3.4-2.3.101mdk.x86_64.rpm
 991aadec0a33745198589b1619f42190  
x86_64/10.1/RPMS/telnet-client-krb5-1.3.4-2.3.101mdk.x86_64.rpm
 9fecbd14c5b908416e2eb5b8b7900602  
x86_64/10.1/RPMS/telnet-server-krb5-1.3.4-2.3.101mdk.x86_64.rpm
 b6791f0e031795f328a2373bd6bff4af  
x86_64/10.1/SRPMS/krb5-1.3.4-2.3.101mdk.src.rpm

 Mandrakelinux 10.2:
 2370d0bcd8e1055b828cbc5fd61b80fb  
10.2/RPMS/ftp-client-krb5-1.3.6-6.1.102mdk.i586.rpm
 77d6d6822faf2d46126324d52b7de350  
10.2/RPMS/ftp-server-krb5-1.3.6-6.1.102mdk.i586.rpm
 fd97b673156aab9df1dd084fa00ca4ee  
10.2/RPMS/krb5-server-1.3.6-6.1.102mdk.i586.rpm
 e097b32bff94a889e9287328ea4383a7  
10.2/RPMS/krb5-workstation-1.3.6-6.1.102mdk.i586.rpm
 10b12d24aeacbc51a72c5f6df7e063ab  10.2/RPMS/libkrb53-1.3.6-6.1.102mdk.i586.rpm
 c1b8458fdd25b9ac51338978958886b9  
10.2/RPMS/libkrb53-devel-1.3.6-6.1.102mdk.i586.rpm
 225fb2cfd2b8a30d0743cc691a98f862  
10.2/RPMS/telnet-client-krb5-1.3.6-6.1.102mdk.i586.rpm
 c7145ab6eb80b5a5bd6438dc1292c208  
10.2/RPMS/telnet-server-krb5-1.3.6-6.1.102mdk.i586.rpm
 fc23e2f504e65b3ed2304bbf44b17626  10.2/SRPMS/krb5-1.3.6-6.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 48bf82662d9dc709f7b6fc93d408ec36  
x86_64/10.2/RPMS/ftp-client-krb5-1.3.6-6.1.102mdk.x86_64.rpm
 a99dcafc0f131bee2fdd481a3c3b74ae  
x86_64/10.2/RPMS/ftp-server-krb5-1.3.6-6.1.102mdk.x86_64.rpm
 6575fa785756ec309bc9a532ea201998  
x86_64/10.2/RPMS/krb5-server-1.3.6-6.1.102mdk.x86_64.rpm
 9de12fff0f2556fc1b37309f3df38f43  
x86_64/10.2/RPMS/krb5-workstation-1.3.6-6.1.102mdk.x86_64.rpm
 979d3a3a1076b5e1379388dfa12cbf14  
x86_64/10.2/RPMS/lib64krb53-1.3.6-6.1.102mdk.x86_64.rpm
 51fdffc99853d03ae464cfd45e477cf8  
x86_64/10.2/RPMS/lib64krb53-devel-1.3.6-6.1.102mdk.x86_64.rpm
 0f52ac0e1c637d1c9cd8ec0ce40f9221  
x86_64/10.2/RPMS/telnet-client-krb5-1.3.6-6.1.102mdk.x86_64.rpm
 398385ff0c438b3ddf4e086a44ae118c  
x86_64/10.2/RPMS/telnet-server-krb5-1.3.6-6.1.102mdk.x86_64.rpm
 fc23e2f504e65b3ed2304bbf44b17626  
x86_64/10.2/SRPMS/krb5-1.3.6-6.1.102mdk.src.rpm

 Multi Network Firewall 2.0:
 fabcf16faccef529a4a5d95e52e4474a  mnf/2.0/RPMS/libkrb51-1.3-6.6.M20mdk.i586.rpm
 0a612cf3624c0e0279705eb4658cf08e  mnf/2.0/SRPMS/krb5-1.3-6.6.M20mdk.src.rpm

 Corporate Server 2.1:
 fb109362079c6f8a2aec1ca618882513  
corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.10.C21mdk.i586.rpm
 92725fca271543c54c907c4860a9c225  
corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.10.C21mdk.i586.rpm
 bc56956b9c25b804e9238aa750c79688  
corporate/2.1/RPMS/krb5-devel-1.2.5-1.10.C21mdk.i586.rpm
 85da226bcd5c58f611c77e457505e660  
corporate/2.1/RPMS/krb5-libs-1.2.5-1.10.C21mdk.i586.rpm
 680c3f4ff6a53c12ea5f706858a29c30  
corporate/2.1/RPMS/krb5-server-1.2.5-1.10.C21mdk.i586.rpm
 ed55cd70d63d65c1ef644672a331beca  
corporate/2.1/RPMS/krb5-workstation-1.2.5-1.10.C21mdk.i586.rpm
 2032b8637d45463118b6b2cec796ea89  
corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.10.C21mdk.i586.rpm
 2f0aedf68f2a0e33a6a94139eaf50cac  
corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.10.C21mdk.i586.rpm
 5998fcf5b2a19bac3f513fd9a196093f  
corporate/2.1/SRPMS/krb5-1.2.5-1.10.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 ef0287c7f515b77e4ee9c816564298c1  
x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.10.C21mdk.x86_64.rpm
 94268948f1c84bb9f2b194d02467e3e6  
x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.10.C21mdk.x86_64.rpm
 5f07977c217d7e8f03cf1264671100ea  
x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.10.C21mdk.x86_64.rpm
 2af63c080bcce672cb112ecfcddd79cd  
x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.10.C21mdk.x86_64.rpm
 224dfdac58646589d1bd5a50bb4ca3b9  
x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.10.C21mdk.x86_64.rpm
 199e3235e0ed34edc0d2ce377534c441  
x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.10.C21mdk.x86_64.rpm
 65b63aa5728e478eb566100c1e2a8061  
x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.10.C21mdk.x86_64.rpm
 0550444014da765a97deea983332d45e  
x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.10.C21mdk.x86_64.rpm
 5998fcf5b2a19bac3f513fd9a196093f  
x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.10.C21mdk.src.rpm

 Corporate 3.0:
 dc39a416e792dbe6bd3c30e2a4be7350  
corporate/3.0/RPMS/ftp-client-krb5-1.3-6.6.C30mdk.i586.rpm
 1a351c0d939faecda9051d9432afe724  
corporate/3.0/RPMS/ftp-server-krb5-1.3-6.6.C30mdk.i586.rpm
 ddd38c40766625e7ac7a2c7964d1bf99  
corporate/3.0/RPMS/krb5-server-1.3-6.6.C30mdk.i586.rpm
 8e83fef835a01e12aa3273b8b8970717  
corporate/3.0/RPMS/krb5-workstation-1.3-6.6.C30mdk.i586.rpm
 24a4d0ffa3c2651121d7f7381cafad29  
corporate/3.0/RPMS/libkrb51-1.3-6.6.C30mdk.i586.rpm
 be8a2e1088d1b06054a97c773960b0e0  
corporate/3.0/RPMS/libkrb51-devel-1.3-6.6.C30mdk.i586.rpm
 1274d73b2ada444ebe50b998d1d83d6a  
corporate/3.0/RPMS/telnet-client-krb5-1.3-6.6.C30mdk.i586.rpm
 fdf3981cdc25a9afee54a61cb01d042c  
corporate/3.0/RPMS/telnet-server-krb5-1.3-6.6.C30mdk.i586.rpm
 1738741854a9259ef09e6a6325349a14  
corporate/3.0/SRPMS/krb5-1.3-6.6.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 e6eda8a4875598ce56e56a7c45a9ca95  
x86_64/corporate/3.0/RPMS/ftp-client-krb5-1.3-6.6.C30mdk.x86_64.rpm
 e7bd3ed8c1e29b25ebb3bffc3fa8c46a  
x86_64/corporate/3.0/RPMS/ftp-server-krb5-1.3-6.6.C30mdk.x86_64.rpm
 e134c8918d95e99784b9e1a4078fd7ab  
x86_64/corporate/3.0/RPMS/krb5-server-1.3-6.6.C30mdk.x86_64.rpm
 0bf662ecfd42b2f68b2af8e05ad510c7  
x86_64/corporate/3.0/RPMS/krb5-workstation-1.3-6.6.C30mdk.x86_64.rpm
 262c7ec2ae2a0f72f3891abd5ed1b400  
x86_64/corporate/3.0/RPMS/lib64krb51-1.3-6.6.C30mdk.x86_64.rpm
 be39364202543ef56bbce8f5d69bf309  
x86_64/corporate/3.0/RPMS/lib64krb51-devel-1.3-6.6.C30mdk.x86_64.rpm
 d734050c0bfc0e5e65834aee4df6c77d  
x86_64/corporate/3.0/RPMS/telnet-client-krb5-1.3-6.6.C30mdk.x86_64.rpm
 3a78f34256effe43feb9d6f3dc0fc62d  
x86_64/corporate/3.0/RPMS/telnet-server-krb5-1.3-6.6.C30mdk.x86_64.rpm
 1738741854a9259ef09e6a6325349a14  
x86_64/corporate/3.0/SRPMS/krb5-1.3-6.6.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC1dvMmqjQ0CJFipgRArE7AJ9waVzWhtxKjvlZlKVtc6/OfznZNQCdG0Dn
n5En05/4DjAyPg88vHEBPQg=
=YWXS
-----END PGP SIGNATURE-----
Prev by Date: MDKSA-2005:120 - Updated mozilla-firefox packages fix multiple vulnerabilities
Next by Date: iDEFENSE Security Advisory 07.14.05: Sophos Anti-Virus Zip File Handling DoS Vulnerability
Previous by thread: MDKSA-2005:120 - Updated mozilla-firefox packages fix multiple vulnerabilities
Next by thread: iDEFENSE Security Advisory 07.14.05: Sophos Anti-Virus Zip File Handling DoS Vulnerability
Index(es):
- Date
- Thread