drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in krb5
Name: |
Mehrere Probleme in krb5 |
|
ID: |
TLSA-2007-42 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 8 Server, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal |
|
Datum: |
Mi, 8. August 2007, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798 |
|
Applikationen: |
MIT Kerberos |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2007-42 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 07 Aug 2007 Last revised: 07 Aug 2007
Package: krb5
Summary: Three vulnerabilities discovered in krb5
More information: Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords.
- MIT Kerberos 5 might allow remote attackers to execute arbitrary code via a zero-length RPC credential. - MIT Kerberos 5 might allow remote attackers to execute arbitrary code via a negative length value. - MIT Kerberos allows remote authenticated users to execute arbitrary code.
Impact: An unauthenticated remote user may be able to cause a host running kadmind to execute arbitrary code.
Affected Products: - Turbolinux Appliance Server 2.0 - Turbolinux 10 Server x64 Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
krb5-1.3.4-23.src.rpm 6408804 43fc0d00222d58d2bd0a62dc47da5a1e
Binary Packages Size: MD5
krb5-devel-1.3.4-23.i586.rpm 656575 7161337a83a4654c5ff71693e8125acd krb5-libs-1.3.4-23.i586.rpm 432543 9ba2b98088b063e61e778215542d888a krb5-server-1.3.4-23.i586.rpm 779682 3b11b75d9354376c1114a60a96b440de krb5-workstation-1.3.4-23.i586.rpm 840061 6ccd1e1f985a9361d6b6e817925fce9b
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
krb5-1.3.4-23.src.rpm 6408804 b4f209d2d9021ae739177e9fe5359966
Binary Packages Size: MD5
krb5-devel-1.3.4-23.x86_64.rpm 691617 d18ae80ee5463644e8941afa0769ec23 krb5-libs-1.3.4-23.x86_64.rpm 471895 f2e3878c4a396b058108f8e53c2699be krb5-server-1.3.4-23.x86_64.rpm 794425 ee3335a60b793a922f65852d4f25dca6 krb5-workstation-1.3.4-23.x86_64.rpm 887749 9c111470cd3e9d778f2b1dfdc25b5441
<Turbolinux 10 Server>
Source Packages Size: MD5
krb5-1.3.4-23.src.rpm 6408804 43fc0d00222d58d2bd0a62dc47da5a1e
Binary Packages Size: MD5
krb5-debug-1.3.4-23.i586.rpm 4017314 15168ddd9ec3dfdd37de466493d659ab krb5-devel-1.3.4-23.i586.rpm 656575 7161337a83a4654c5ff71693e8125acd krb5-libs-1.3.4-23.i586.rpm 432543 9ba2b98088b063e61e778215542d888a krb5-server-1.3.4-23.i586.rpm 779682 3b11b75d9354376c1114a60a96b440de krb5-workstation-1.3.4-23.i586.rpm 840061 6ccd1e1f985a9361d6b6e817925fce9b
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages Size: MD5
krb5-1.2.5-22.src.rpm 5529257 3c1a173ecb71b9635e63a75325451f9d
Binary Packages Size: MD5
krb5-devel-1.2.5-22.i586.rpm 578748 6b3359f12309e3908aa2496a9b33b7e3 krb5-libs-1.2.5-22.i586.rpm 344274 37a8539044cb7775f92b61d861b15bd6 krb5-server-1.2.5-22.i586.rpm 603213 0cc1e369e9e88906dd7b98a038b66ec8 krb5-workstation-1.2.5-22.i586.rpm 592535 619c219b8f00f4da59177050e20a0777
<Turbolinux 8 Server>
Source Packages Size: MD5
krb5-1.2.5-22.src.rpm 5529257 7e801575fddb958863757244430b7e6a
Binary Packages Size: MD5
krb5-devel-1.2.5-22.i586.rpm 577526 4abf9b4f23af6ca66a5f01c669c9830b krb5-libs-1.2.5-22.i586.rpm 640406 60c2ee2c96d84bbf0320b25cd9cb2285 krb5-server-1.2.5-22.i586.rpm 604127 981c85d5c00c7ca9d9792cb70c78f0e1 krb5-workstation-1.2.5-22.i586.rpm 603224 f5543545d84352956009debc51a8f630
References:
MIT krb5 Security Advisory [MIT krb5 Security Advisory 2007-004] http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt [MIT krb5 Security Advisory 2007-005] http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt
CVE [CVE-2007-2442] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442 [CVE-2007-2443] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443 [CVE-2007-2798] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798
-------------------------------------------------------------------------- Revision History 07 Aug 2007 Initial release --------------------------------------------------------------------------
Copyright(C) 2007 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGuBO1K0LzjOqIJMwRAkkDAJ92468/vZ7gfY6QD+IqNr2Mhc3mOgCdEWQd 40GpsExSbvv6twWOb7KEE1M= =3eeV -----END PGP SIGNATURE-----
|
|
|
|