<<< Date Index >>>     <<< Thread Index >>>

[ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:077
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : krb5
 Date    : April 4, 2007
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability was found in the username handling of the MIT krb5
 telnet daemon.  A remote attacker that could access the telnet port
 of a target machine could login as root without requiring a password
 (CVE-2007-0956).
 
 Buffer overflows in the kadmin server daemon were discovered that could
 be exploited by a remote attacker able to access the KDC.  Successful
 exploitation could allow for the execution of arbitrary code with the
 privileges of the KDC or kadmin server processes (CVE-2007-0957).
 
 Finally, a double-free flaw was discovered in the GSSAPI library used
 by the kadmin server daemon, which could lead to a denial of service
 condition or the execution of arbitrary code with the privileges of
 the KDC or kadmin server processes (CVE-2007-1216).
 
 Updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-001-telnetd.txt
 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-002-syslog.txt
 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-003.txt
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 f76875e9839deaf87628a3c7e0a81632  
2006.0/i586/ftp-client-krb5-1.4.2-2.2.20060mdk.i586.rpm
 d2448392e0c350d3ca488d2e73e57f6d  
2006.0/i586/ftp-server-krb5-1.4.2-2.2.20060mdk.i586.rpm
 42e6330603ecaed04ea0649f7050a4c1  
2006.0/i586/krb5-server-1.4.2-2.2.20060mdk.i586.rpm
 adadd1cad1f1bc5f01809a508d2b8fd1  
2006.0/i586/krb5-workstation-1.4.2-2.2.20060mdk.i586.rpm
 ab8987522600f8e629901563e3be90c2  
2006.0/i586/libkrb53-1.4.2-2.2.20060mdk.i586.rpm
 7d70bb7bb821c3e91e9d062330528815  
2006.0/i586/libkrb53-devel-1.4.2-2.2.20060mdk.i586.rpm
 f4104abdc22e16574bcddde0a178d935  
2006.0/i586/telnet-client-krb5-1.4.2-2.2.20060mdk.i586.rpm
 110f54ead0abc486faa1f2b47057122b  
2006.0/i586/telnet-server-krb5-1.4.2-2.2.20060mdk.i586.rpm 
 8cc03b4b7cc34cb3c2b53e4f9f9b73dd  2006.0/SRPMS/krb5-1.4.2-2.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 0f2d7c3fc50552aa586dd6c5b12a5b85  
2006.0/x86_64/ftp-client-krb5-1.4.2-2.2.20060mdk.x86_64.rpm
 bbd94e005c67b4b94cf544b736028416  
2006.0/x86_64/ftp-server-krb5-1.4.2-2.2.20060mdk.x86_64.rpm
 f406f21d7b210ae6d489c77c15d34a60  
2006.0/x86_64/krb5-server-1.4.2-2.2.20060mdk.x86_64.rpm
 9d00284ec202ed44e63266698a1d85e6  
2006.0/x86_64/krb5-workstation-1.4.2-2.2.20060mdk.x86_64.rpm
 8ca28a4cc9eb7f292a1d73b975740fab  
2006.0/x86_64/lib64krb53-1.4.2-2.2.20060mdk.x86_64.rpm
 565b9a19c5cf7b94dcf28e1bc1e21d2e  
2006.0/x86_64/lib64krb53-devel-1.4.2-2.2.20060mdk.x86_64.rpm
 5c931d032ce9d3ed91a4e4b04f20bfb8  
2006.0/x86_64/telnet-client-krb5-1.4.2-2.2.20060mdk.x86_64.rpm
 27b39ae245a43322d4abbb4191da56ac  
2006.0/x86_64/telnet-server-krb5-1.4.2-2.2.20060mdk.x86_64.rpm 
 8cc03b4b7cc34cb3c2b53e4f9f9b73dd  2006.0/SRPMS/krb5-1.4.2-2.2.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 6dfbc8eef1479cce19c957bbed4457aa  
2007.0/i586/ftp-client-krb5-1.4.3-6.1mdv2007.0.i586.rpm
 54ff3fe8a117603f8700e96f34a1b33a  
2007.0/i586/ftp-server-krb5-1.4.3-6.1mdv2007.0.i586.rpm
 2caf0205301d01a6be4ad1506944ba39  
2007.0/i586/krb5-server-1.4.3-6.1mdv2007.0.i586.rpm
 b7b4a4f4b1fa356ca6468ffece1dfce8  
2007.0/i586/krb5-workstation-1.4.3-6.1mdv2007.0.i586.rpm
 ab253c6ad6ecd7c15c1d150f5ed34091  
2007.0/i586/libkrb53-1.4.3-6.1mdv2007.0.i586.rpm
 f192ef28bb37286be1e291761d3ced9c  
2007.0/i586/libkrb53-devel-1.4.3-6.1mdv2007.0.i586.rpm
 d208fcaa1c5069c657815061ed3b2687  
2007.0/i586/telnet-client-krb5-1.4.3-6.1mdv2007.0.i586.rpm
 0f95ea728eca0962591d142c74238700  
2007.0/i586/telnet-server-krb5-1.4.3-6.1mdv2007.0.i586.rpm 
 87c94334c61bc67e3ef95e930ee72149  2007.0/SRPMS/krb5-1.4.3-6.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 02a5ebc046e0cb9133162ce621fb3b1f  
2007.0/x86_64/ftp-client-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
 0a2b6ae87af0ed4ec445b65531d3408a  
2007.0/x86_64/ftp-server-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
 e2958d861bb45c52be5cad5bbf08ef35  
2007.0/x86_64/krb5-server-1.4.3-6.1mdv2007.0.x86_64.rpm
 fac1f28b2c5a2065ffa772e2e1cb6d70  
2007.0/x86_64/krb5-workstation-1.4.3-6.1mdv2007.0.x86_64.rpm
 36bcd1fb2e859c637256680ca4fc468b  
2007.0/x86_64/lib64krb53-1.4.3-6.1mdv2007.0.x86_64.rpm
 7d936ed2b1441714205e987bd63a2ec5  
2007.0/x86_64/lib64krb53-devel-1.4.3-6.1mdv2007.0.x86_64.rpm
 4754b9b3ce36cad7d3dfa852a03d7fe0  
2007.0/x86_64/telnet-client-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
 71832a8dcf70b4e46b0bb9bc3343860d  
2007.0/x86_64/telnet-server-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm 
 87c94334c61bc67e3ef95e930ee72149  2007.0/SRPMS/krb5-1.4.3-6.1mdv2007.0.src.rpm

 Corporate 3.0:
 02c99157c7a70bcf69309e4ef15dd886  
corporate/3.0/i586/ftp-client-krb5-1.3-6.8.C30mdk.i586.rpm
 3f58daeaaed40d88f74507049966df22  
corporate/3.0/i586/ftp-server-krb5-1.3-6.8.C30mdk.i586.rpm
 3703251ed231c0df3bc0d2477ef77f6a  
corporate/3.0/i586/krb5-server-1.3-6.8.C30mdk.i586.rpm
 ff9ca353c32ed0c0a655ef9a4179c751  
corporate/3.0/i586/krb5-workstation-1.3-6.8.C30mdk.i586.rpm
 de0c33d4bc2fc6b61d365f91e366bd67  
corporate/3.0/i586/libkrb51-1.3-6.8.C30mdk.i586.rpm
 5fac8b79343bef871b450524682b5c68  
corporate/3.0/i586/libkrb51-devel-1.3-6.8.C30mdk.i586.rpm
 4a0216e5afa5ec83523e5cfdcd6fda24  
corporate/3.0/i586/telnet-client-krb5-1.3-6.8.C30mdk.i586.rpm
 ae5eed1f6591a785f4093924d98d640f  
corporate/3.0/i586/telnet-server-krb5-1.3-6.8.C30mdk.i586.rpm 
 b76e0f3069504ba96ed29c13f8f8d9b6  
corporate/3.0/SRPMS/krb5-1.3-6.8.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 effb08ab8684a97a591c8112d146e827  
corporate/3.0/x86_64/ftp-client-krb5-1.3-6.8.C30mdk.x86_64.rpm
 110e5a4422f57c7c7db46967f265ed20  
corporate/3.0/x86_64/ftp-server-krb5-1.3-6.8.C30mdk.x86_64.rpm
 a178af307e6c416bb77b9dc45ff49ac6  
corporate/3.0/x86_64/krb5-server-1.3-6.8.C30mdk.x86_64.rpm
 b84aab804554143cf1a9ce511a42a81a  
corporate/3.0/x86_64/krb5-workstation-1.3-6.8.C30mdk.x86_64.rpm
 a122ef49d58a704d321297eea594b3f6  
corporate/3.0/x86_64/lib64krb51-1.3-6.8.C30mdk.x86_64.rpm
 b68729b8c2d401fec19beb5ad68006e7  
corporate/3.0/x86_64/lib64krb51-devel-1.3-6.8.C30mdk.x86_64.rpm
 63482694130642c1e156054e9a944d3a  
corporate/3.0/x86_64/telnet-client-krb5-1.3-6.8.C30mdk.x86_64.rpm
 52c1eada2b3104f8387f2b5eee0c5e92  
corporate/3.0/x86_64/telnet-server-krb5-1.3-6.8.C30mdk.x86_64.rpm 
 b76e0f3069504ba96ed29c13f8f8d9b6  
corporate/3.0/SRPMS/krb5-1.3-6.8.C30mdk.src.rpm

 Corporate 4.0:
 0b6d63d25604e886c74688f5189e3d99  
corporate/4.0/i586/ftp-client-krb5-1.4.3-5.2.20060mlcs4.i586.rpm
 8f0ddc6328ca242f74d1238d7c42a097  
corporate/4.0/i586/ftp-server-krb5-1.4.3-5.2.20060mlcs4.i586.rpm
 50f2d47b6c02cff492bb0a39073f9ad4  
corporate/4.0/i586/krb5-server-1.4.3-5.2.20060mlcs4.i586.rpm
 dc869f11fab9a71c5970fa7b574276bf  
corporate/4.0/i586/krb5-workstation-1.4.3-5.2.20060mlcs4.i586.rpm
 2961482510210a3ceec020566b4fd370  
corporate/4.0/i586/libkrb53-1.4.3-5.2.20060mlcs4.i586.rpm
 49954e190e4e672b5437d36a4d9befaa  
corporate/4.0/i586/libkrb53-devel-1.4.3-5.2.20060mlcs4.i586.rpm
 204894da33e23e65f71b73dc538262da  
corporate/4.0/i586/telnet-client-krb5-1.4.3-5.2.20060mlcs4.i586.rpm
 ae51fdd37d52903ecc548fa7b66f0129  
corporate/4.0/i586/telnet-server-krb5-1.4.3-5.2.20060mlcs4.i586.rpm 
 e646f77683f9ebc6591be949bc8208bc  
corporate/4.0/SRPMS/krb5-1.4.3-5.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 d4b0719081f93a1806868f24f8100b0c  
corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm
 ee3b47806dd47f634b97b0dba99f80f2  
corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm
 64d9d4d773b6aed752db77ec282d7c3e  
corporate/4.0/x86_64/krb5-server-1.4.3-5.2.20060mlcs4.x86_64.rpm
 62426e65d7b5662f27c185a92f353c98  
corporate/4.0/x86_64/krb5-workstation-1.4.3-5.2.20060mlcs4.x86_64.rpm
 65f8e462a0333caec9512aabe944d9ab  
corporate/4.0/x86_64/lib64krb53-1.4.3-5.2.20060mlcs4.x86_64.rpm
 811fbfdcfa723937dbfc2af3670baa70  
corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.2.20060mlcs4.x86_64.rpm
 6b2c5735bcc66849bbae68cfae669535  
corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm
 e4fb528ecf1d98fdae0d76c873d6b88f  
corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm 
 e646f77683f9ebc6591be949bc8208bc  
corporate/4.0/SRPMS/krb5-1.4.3-5.2.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 eec7136889615016b562fcf56cd38202  
mnf/2.0/i586/libkrb51-1.3-6.8.M20mdk.i586.rpm 
 b64b6185d2a648f74b2f024acf4bab01  mnf/2.0/SRPMS/krb5-1.3-6.8.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGE/QnmqjQ0CJFipgRAqdTAJwJFpOdUkGk29ZoXOsbG7XJzNr5QACdEHje
LcAyjeDR8D1kS+r0g6mLwKo=
=Yp6C
-----END PGP SIGNATURE-----