
Mandrake alert MDKSA-2004:056 (krb5)

From:  Mandrake Linux Security Team <security@linux-mandrake.com>
To:  security-announce@linux-mandrake.com
Subject:  [Security Announce] MDKSA-2004:056 - Updated krb5 packages fix buffer overflow vulnerabilities
Date:  3 Jun 2004 22:14:28 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

                Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name:           krb5
Advisory ID:            MDKSA-2004:056
Date:                   June 3rd, 2004

Affected versions:      10.0, 9.1, 9.2, Corporate Server 2.1,
                        Multi Network Firewall 8.2
______________________________________________________________________

Problem Description:

Multiple buffer overflows exist in the krb5_aname_to_localname()
library function that if exploited could lead to unauthorized root
privileges.  In order to exploit this flaw, an attacker must first
successfully authenticate to a vulnerable service, which must be
configured to enable the explicit mapping or rules-based mapping
functionality of krb5_aname_to_localname, which is not a default
configuration.

Mandrakesoft encourages all users to upgrade to these patched krb5
packages.
_______________________________________________________________________

References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0523
  http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
______________________________________________________________________

Updated Packages:

_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi.  The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandrakesoft for security.  You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAv6LEmqjQ0CJFipgRAmP2AJ9yz70XbcN/fd6EjyQcyQbyoddqEACg59bD
1nsN3/ilgIlGelRpvf4eJqw=
=EigO
-----END PGP SIGNATURE-----

____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
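The advisory limits exposure to services configured for explicit or rules-based mapping. The following is an added example, not part of the advisory or of Mandrakesoft's or MIT's code: a small audit that reports which realms in a krb5.conf enable either mapping. It assumes the MIT krb5 configuration relations `auth_to_local_names` (explicit mapping) and `auth_to_local = RULE:...` (rules-based mapping), which the advisory itself does not name; the sample configuration is constructed.

```python
import re

# Constructed sample krb5.conf for illustration (not taken from the advisory).
SAMPLE_KRB5_CONF = """
[libdefaults]
    default_realm = EXAMPLE.COM

[realms]
    EXAMPLE.COM = {
        kdc = kdc.example.com
        auth_to_local_names = {
            alice/admin = root
        }
        auth_to_local = RULE:[2:$1;$2](.*;admin)s/;admin$//
        auth_to_local = DEFAULT
    }
    PLAIN.EXAMPLE = {
        kdc = kdc.plain.example
    }
"""

def mapping_exposure(conf_text):
    """Return {realm: ['explicit', 'rules']} for realms that enable a
    non-default krb5_aname_to_localname() mapping."""
    section, stack, found = None, [], {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:                           # new top-level section
            section, stack = header.group(1), []
        elif line.startswith("}"):           # close realm or sub-block
            if stack:
                stack.pop()
        elif section == "realms":
            key, _, value = (part.strip() for part in line.partition("="))
            if value == "{":                 # open realm or sub-block
                stack.append(key)
            elif len(stack) == 2 and stack[1] == "auth_to_local_names":
                found.setdefault(stack[0], set()).add("explicit")
            elif len(stack) == 1 and key == "auth_to_local" and value.startswith("RULE:"):
                found.setdefault(stack[0], set()).add("rules")
    return {realm: sorted(kinds) for realm, kinds in found.items()}

if __name__ == "__main__":
    for realm, kinds in mapping_exposure(SAMPLE_KRB5_CONF).items():
        print(f"{realm}: non-default mapping enabled ({', '.join(kinds)})")
```

A realm that appears in the result matches the non-default configuration the advisory describes, so hosts using it are the ones to prioritise for the updated packages.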




Copyright © 2024, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds