=========================================================== Ubuntu Security Notice USN-408-1 January 15, 2007 krb5 vulnerability CVE-2006-6143 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libkadm55 1.4.3-5ubuntu0.2 libkrb53 1.4.3-5ubuntu0.2 Ubuntu 6.10: libkadm55 1.4.3-9ubuntu1.1 libkrb53 1.4.3-9ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: The server-side portion of Kerberos' RPC library had a memory management flaw which allowed users of that library to call a function pointer located in unallocated memory. By doing specially crafted calls to the kadmind server, a remote attacker could exploit this to execute arbitrary code with root privileges on the target computer. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.2.diff.gz Size/MD5: 1447550 546659a7ce8758c26c33d0241adb992d http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.2.dsc Size/MD5: 848 ed669b2e38c5b3b6701401b99bbdb3cb http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.2_all.deb Size/MD5: 852734 748a61c88e96abcc2fd922acdafbd56c amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 79686 a56316c071cbdae9f33b10166e204340 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 222738 173b8846edc4d84b0880b293ebd819f8 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 59876 11c96393564f5422e884cda60671688d http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 134570 c2fa98268d5c486988eae91040441720 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 84774 7dc407371c107d79c69ffe054f702ba7 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 67044 4a01011a78cf0c299df6b36384c0950b http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 129430 2acabc3bcb9323fa28a69e306694a1ec http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 190294 a4044fce177ca61f9b24ff9515443e5f http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 768212 bba4e4f35f90a58177f14d35d9fccf1e http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 425220 e16e7b2709af4fb8a88a0819cdfc1a40 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 71660 d38e87ecea34868e1dac394b9047c382 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 186752 12424ad58c808a4867f0db0d014a34ec http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 53844 3aa5f6a9ae2cb49659a0577ea972d0af http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 121068 9a1fcd42b91849f0a4ce3c1614c3dbb9 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 75438 9b264a66dff08d0206370a43058687d1 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 58204 6e89a58b9d435c6e1422537a18da2dc1 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 118528 82f62332c5bae9177ce1f356b824279e http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 165130 0968da19d0bdac05e716825ba045f5e5 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 646560 89ccbd05cda4887245d7d5c5cd77d383 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 380650 8a8e6bebd4955809ef62a27cc7eb8918 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 79712 119d48198050bd5e24c711c895770bf0 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 220080 3025e485a43fd6a67c6d7716f1efad63 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 59084 97104b0dcfc3a4dacd5c1334766c488b http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 135552 b1c5a4334633412e8c64d808b4a30280 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 84632 b7a70d1cb0513523911248231bbcca82 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 65420 9300e4d62e4dedad6ac85647fe157ee2 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 134396 f07964b5364af26ac18bc4c37ff71e3f http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 177082 8488709500858a66f07183a193a249e7 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 751382 96e57442a0caa1e574f0581327fc9e1a http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 395444 b672282f98601ebe9340f251d7e2dd46 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 72292 ed56430a6017fe52fd34e8724ff5892d http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 196928 2dff67f37591eede7be792c836028920 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 55818 1de2f224962fd6e7f9a5a642995a2fb6 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 123914 871a22e98608033db8dbc3e85d18e430 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 76454 c8f134cee518c209e4f068d59e7bc90e http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 61752 e15353f761ff1b052ff790c3b22d9f03 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 120102 a72b86d5911ebf7d90454e20a5d3d6a7 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 164630 2ba7eb220cee2ef90c433520dc22bd1d http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 677878 53436fc167794aa6c7e4538156b279e4 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 368236 8cfe1fb1b04f054211103b96bd85d4d0 Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.1.diff.gz Size/MD5: 1468259 a89554ee72ae46193497b5fdb86359e5 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.1.dsc Size/MD5: 883 92b415a7e46614bc10a6fad2971a13a4 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.1_all.deb Size/MD5: 853430 3958e9a508ef75081c289378ee06cb5d amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 81062 5e7b14c23de60189762b3776991256a3 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 223934 6cbf0f868012e01518617369f4c09d78 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 61134 c2420e53a8369ef1fb7150d8a486dd3c http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 138648 38ffe1ee542695b7e7110f752b02a735 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 86946 da6f24f2da9e84b2e13c0a296c8bdfcb http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 67556 711861722d5ef9e31d6d641076574df6 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 130170 53bf2f36db32694986426840efce7a63 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 190180 27a2f0cf1711ddf7498b20073363c5f6 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 1072552 d9f4df032a6d0b24d4b948cdc2a17ec3 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 771828 8a490a2198a58ccea514e43ab68bce88 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 427562 f60e228b07f072ee64e66d16b01c80c9 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 74768 07466ce7134858695cd2608f7d916bc9 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 195996 77d746677df270dc89773c13f4231e98 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 56642 33f6895466f028e4f7e60fe6d0102d7b http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 128984 d57c3ae641ffc63cde21557c3db9355c http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 79602 6be865799bcf85edb35c541df35b9245 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 61366 e9c4b39d8228118d03d5df02123e437d http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 121716 588addedfb49a64c09a8517740d039d9 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 172370 b6674bf633bf623d54d53d8ee57120e5 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 1024338 53cef35e866ba9bfa14ebb7727b10c9d http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 672520 7c1313e3eb84a448479af34eda9a0233 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 403646 b30ac3ba3dc11650ef9a74b5b1d9368a powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 81626 eb56ed7461f47af49023f2027d71a249 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 222676 f847921d673ba513a11b2e4da26c6589 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 61324 94d69c98e2439ead3b38757fb6503917 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 140824 a3a2c75ca459aadf29db4af247832cac http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 86812 8747cbb5e22b1611d0f35d413a29dfb8 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 66622 e03d52dd334c788d3fb7583660ac25af http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 136342 0048a761afaabaffb847273c88cb7758 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 179554 59ca8bdf4afa0ea09432aaa2e53facf7 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 1076132 98f942e3252e3f377cd24c03dfae7120 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 757874 00cde304e78bdd85ca75454ae31f9056 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 398636 15cd61e388f2e658709577c6c17ed9f4 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 74648 a9d42678fb3d7d508c087ae7eb075eec http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 203198 2aeac236c8864c757a55870190918302 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 58498 22079ad35df8ceea0857319eb533ee35 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 129158 a5b36aeb90baba94d569f41d21f16548 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 79926 d889cf2987c8c48a6aef9b566ad14238 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 63040 6e9f3b3ad95536ee494d73e8ee3d252a http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 122238 bd59626426b7690742520d2151b58a3c http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 166480 fd69c12e642a168d39ce209c1647d433 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 957280 de94391f1d289fbe3c7639f8ca8cf303 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 684606 511b01e003f876bde73badddeda105ab http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 373600 66c24f51433ff5ce4670bc91f04a6187
Attachment:
signature.asc
Description: Digital signature