Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in krb5
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in krb5
ID: MDVSA-2009:098
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2008.1, Mandriva 2009.0
Datum: Mo, 27. April 2009, 18:18
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847
Applikationen: MIT Kerberos

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1240849112-27111-1895


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:098
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : krb5
 Date    : April 27, 2009
 Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in krb5:
 
 The get_input_token function in the SPNEGO implementation in MIT
 Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to
 cause a denial of service (daemon crash) and possibly obtain sensitive
 information via a crafted length value that triggers a buffer over-read
 (CVE-2009-0844).
 
 The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in
 the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before
 1.6.4 allows remote attackers to cause a denial of service (daemon
 crash) or possibly execute arbitrary code via vectors involving an
 invalid DER encoding that triggers a free of an uninitialized pointer
 (CVE-2009-0846).
 
 The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5
 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to
 cause a denial of service (application crash) via a crafted length
 value that triggers an erroneous malloc call, related to incorrect
 calculations with pointer arithmetic (CVE-2009-0847).
 
 The updated packages have been patched to correct these issues.

 Update:

 krb5 packages for Mandriva Linux Corporate Server 3 and 4 are not
 affected by CVE-2009-0844 and CVE-2009-0845
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0844
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.1:
 8fd37c3b7905d709149e949341a1cef5 
 2008.1/i586/ftp-client-krb5-1.6.3-6.2mdv2008.1.i586.rpm
 5bfecf2eea4e760cabb8fabb99c2319e 
 2008.1/i586/ftp-server-krb5-1.6.3-6.2mdv2008.1.i586.rpm
 2d93da6ed6fa398a4757f054036d5631  2008.1/i586/krb5-1.6.3-6.2mdv2008.1.i586.rpm
 32bab4463f4e90f86b5793dc39c44100 
 2008.1/i586/krb5-server-1.6.3-6.2mdv2008.1.i586.rpm
 a1530d87332a48cf90e3e52489cebc8a 
 2008.1/i586/krb5-workstation-1.6.3-6.2mdv2008.1.i586.rpm
 7df9ee6615eda87dc94fdc9bf6425b2e 
 2008.1/i586/libkrb53-1.6.3-6.2mdv2008.1.i586.rpm
 cf9e0fd5e84e427970aa625b30feb2b4 
 2008.1/i586/libkrb53-devel-1.6.3-6.2mdv2008.1.i586.rpm
 677e51076cec19f129ef56f1cdab8f03 
 2008.1/i586/telnet-client-krb5-1.6.3-6.2mdv2008.1.i586.rpm
 619cb1d107395184eb8affbd0901b189 
 2008.1/i586/telnet-server-krb5-1.6.3-6.2mdv2008.1.i586.rpm 
 177a17eaba5c495a99e5db26251dba08  2008.1/SRPMS/krb5-1.6.3-6.2mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 1679393718e45595011f6b3c55058403 
 2008.1/x86_64/ftp-client-krb5-1.6.3-6.2mdv2008.1.x86_64.rpm
 ab83a1b935d84dfb3ed167567286ef44 
 2008.1/x86_64/ftp-server-krb5-1.6.3-6.2mdv2008.1.x86_64.rpm
 5d8c9714a0662f703ce64e2d3ffec248 
 2008.1/x86_64/krb5-1.6.3-6.2mdv2008.1.x86_64.rpm
 564fcc2fa623f51ec0d49db3933002c6 
 2008.1/x86_64/krb5-server-1.6.3-6.2mdv2008.1.x86_64.rpm
 1a6900fa4b8945bac082a655282730ce 
 2008.1/x86_64/krb5-workstation-1.6.3-6.2mdv2008.1.x86_64.rpm
 786d21d01c4605cca4dcc49a644f46cb 
 2008.1/x86_64/lib64krb53-1.6.3-6.2mdv2008.1.x86_64.rpm
 efc04ec60d2765f6d988011ab3407472 
 2008.1/x86_64/lib64krb53-devel-1.6.3-6.2mdv2008.1.x86_64.rpm
 0b2818f503dd4aa22688c868b51f1228 
 2008.1/x86_64/telnet-client-krb5-1.6.3-6.2mdv2008.1.x86_64.rpm
 112d154ca517a31fd2a4fa467d5d4e3c 
 2008.1/x86_64/telnet-server-krb5-1.6.3-6.2mdv2008.1.x86_64.rpm 
 177a17eaba5c495a99e5db26251dba08  2008.1/SRPMS/krb5-1.6.3-6.2mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 c2cda7b765baa64dbb0f1a7b976a1591 
 2009.0/i586/ftp-client-krb5-1.6.3-6.2mdv2009.0.i586.rpm
 1dda8aa526a297dbc9038f280fa6883c 
 2009.0/i586/ftp-server-krb5-1.6.3-6.2mdv2009.0.i586.rpm
 c8ad63842e6e8be0b4a5b5d21e458391  2009.0/i586/krb5-1.6.3-6.2mdv2009.0.i586.rpm
 bee377a64972f0fcb0b2d31e1d286385 
 2009.0/i586/krb5-server-1.6.3-6.2mdv2009.0.i586.rpm
 a83c03666c857e0c88a863dbf15ae526 
 2009.0/i586/krb5-workstation-1.6.3-6.2mdv2009.0.i586.rpm
 17a89f6840ec8f2a60941fec75fba00b 
 2009.0/i586/libkrb53-1.6.3-6.2mdv2009.0.i586.rpm
 4977c8d2353b28501d671b66b44e4133 
 2009.0/i586/libkrb53-devel-1.6.3-6.2mdv2009.0.i586.rpm
 cdeef84c6cde6ddf8912718a88e66bf4 
 2009.0/i586/telnet-client-krb5-1.6.3-6.2mdv2009.0.i586.rpm
 1e4906e2d74331a38e29b6b04a0ea8ba 
 2009.0/i586/telnet-server-krb5-1.6.3-6.2mdv2009.0.i586.rpm 
 4ad1f1a599a545334c80d9759def48ed  2009.0/SRPMS/krb5-1.6.3-6.2mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 fdc1779a9c4c7bc31880435fa8afbbb5 
 2009.0/x86_64/ftp-client-krb5-1.6.3-6.2mdv2009.0.x86_64.rpm
 ccbde6246adfa07175b5cf2da9809d81 
 2009.0/x86_64/ftp-server-krb5-1.6.3-6.2mdv2009.0.x86_64.rpm
 17662205327ac45a9fcc6ab270a8ef4f 
 2009.0/x86_64/krb5-1.6.3-6.2mdv2009.0.x86_64.rpm
 b19fb986950c065345a28e9b8a444ab4 
 2009.0/x86_64/krb5-server-1.6.3-6.2mdv2009.0.x86_64.rpm
 a2bba1358dfdfc458782357d805a566b 
 2009.0/x86_64/krb5-workstation-1.6.3-6.2mdv2009.0.x86_64.rpm
 72a6f9be1607868e5d7c10ec8a7d2295 
 2009.0/x86_64/lib64krb53-1.6.3-6.2mdv2009.0.x86_64.rpm
 7956f8bca30bbd637422189606b41e3a 
 2009.0/x86_64/lib64krb53-devel-1.6.3-6.2mdv2009.0.x86_64.rpm
 34b741d881ef3b12905a9d624f4fc901 
 2009.0/x86_64/telnet-client-krb5-1.6.3-6.2mdv2009.0.x86_64.rpm
 59d905047019f89cdd0a04e3bfe0ab14 
 2009.0/x86_64/telnet-server-krb5-1.6.3-6.2mdv2009.0.x86_64.rpm 
 4ad1f1a599a545334c80d9759def48ed  2009.0/SRPMS/krb5-1.6.3-6.2mdv2009.0.src.rpm

 Corporate 3.0:
 304218624241e5ce340f6c20534edaac 
 corporate/3.0/i586/ftp-client-krb5-1.3-6.11.C30mdk.i586.rpm
 4b2ced385b76878b5eeca08d68cf8741 
 corporate/3.0/i586/ftp-server-krb5-1.3-6.11.C30mdk.i586.rpm
 e652820a091fcb438ae0cc973e579dfa 
 corporate/3.0/i586/krb5-server-1.3-6.11.C30mdk.i586.rpm
 c8136e55b22095692d3de5266e742ec1 
 corporate/3.0/i586/krb5-workstation-1.3-6.11.C30mdk.i586.rpm
 75ef8ea188a73d9c0da28987ba42aa8d 
 corporate/3.0/i586/libkrb51-1.3-6.11.C30mdk.i586.rpm
 023862f9970d739299d9653b31d164c2 
 corporate/3.0/i586/libkrb51-devel-1.3-6.11.C30mdk.i586.rpm
 c30c68b3c4726e37e010ca816cefe2a7 
 corporate/3.0/i586/telnet-client-krb5-1.3-6.11.C30mdk.i586.rpm
 ffd71b666478d27ccc1fc06ad5175a8b 
 corporate/3.0/i586/telnet-server-krb5-1.3-6.11.C30mdk.i586.rpm 
 4458f2259fef080bbece26f0235f1418 
 corporate/3.0/SRPMS/krb5-1.3-6.11.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 d981c4f2a7925adb6feff0c252f00626 
 corporate/3.0/x86_64/ftp-client-krb5-1.3-6.11.C30mdk.x86_64.rpm
 f59125ae3c7d1efa7151c5c8a86a1476 
 corporate/3.0/x86_64/ftp-server-krb5-1.3-6.11.C30mdk.x86_64.rpm
 b17ece09b31395a413ae5eeeb5bd32a6 
 corporate/3.0/x86_64/krb5-server-1.3-6.11.C30mdk.x86_64.rpm
 fc0b7f2fb95220c1607a72f5c25a45c3 
 corporate/3.0/x86_64/krb5-workstation-1.3-6.11.C30mdk.x86_64.rpm
 156b5df78ec1239559e8720299f679e7 
 corporate/3.0/x86_64/lib64krb51-1.3-6.11.C30mdk.x86_64.rpm
 4635489e850e52abca2df6db7d4a5ebc 
 corporate/3.0/x86_64/lib64krb51-devel-1.3-6.11.C30mdk.x86_64.rpm
 49806cab645a6a1d596f5b5a1cedd96c 
 corporate/3.0/x86_64/telnet-client-krb5-1.3-6.11.C30mdk.x86_64.rpm
 38fdcdf20d4ef0243fb6dbfe6a7780d5 
 corporate/3.0/x86_64/telnet-server-krb5-1.3-6.11.C30mdk.x86_64.rpm 
 4458f2259fef080bbece26f0235f1418 
 corporate/3.0/SRPMS/krb5-1.3-6.11.C30mdk.src.rpm

 Corporate 4.0:
 ab3ccbb8ce757efec2db8132432ae11f 
 corporate/4.0/i586/ftp-client-krb5-1.4.3-5.7.20060mlcs4.i586.rpm
 275e178b54b246c15ed10dc723e1920d 
 corporate/4.0/i586/ftp-server-krb5-1.4.3-5.7.20060mlcs4.i586.rpm
 7d3baabbf55efbebdef4357d46d350de 
 corporate/4.0/i586/krb5-server-1.4.3-5.7.20060mlcs4.i586.rpm
 0ae5311265df889ac567e0100a518eb6 
 corporate/4.0/i586/krb5-workstation-1.4.3-5.7.20060mlcs4.i586.rpm
 70c681507015a10de964bf024abc9654 
 corporate/4.0/i586/libkrb53-1.4.3-5.7.20060mlcs4.i586.rpm
 c3d01b1057490701edf645168ec0f0eb 
 corporate/4.0/i586/libkrb53-devel-1.4.3-5.7.20060mlcs4.i586.rpm
 e8e983e847571dfed35669719abf39be 
 corporate/4.0/i586/telnet-client-krb5-1.4.3-5.7.20060mlcs4.i586.rpm
 acc59a77acfd6ed95e29bdd1e99f3795 
 corporate/4.0/i586/telnet-server-krb5-1.4.3-5.7.20060mlcs4.i586.rpm 
 a4c146bd8c32f15d0997a72b7a90e944 
 corporate/4.0/SRPMS/krb5-1.4.3-5.7.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 62bbdd34df62287729d1b14ec2ab4d73 
 corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.7.20060mlcs4.x86_64.rpm
 1e948554c70318ce09d4b6392e7b931d 
 corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.7.20060mlcs4.x86_64.rpm
 bceebd8909400563345b2d282c3b4baf 
 corporate/4.0/x86_64/krb5-server-1.4.3-5.7.20060mlcs4.x86_64.rpm
 579beed3249c720a8421a7706d718783 
 corporate/4.0/x86_64/krb5-workstation-1.4.3-5.7.20060mlcs4.x86_64.rpm
 417e35f8f3954181367dca4ee82b5580 
 corporate/4.0/x86_64/lib64krb53-1.4.3-5.7.20060mlcs4.x86_64.rpm
 74fdeb37faf6cba35cc0b071166d08cb 
 corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.7.20060mlcs4.x86_64.rpm
 9e0a1ba777a7229ab71ffdb58bea6a88 
 corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.7.20060mlcs4.x86_64.rpm
 e6c8b6748465b44bed26cc9913f0bc34 
 corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.7.20060mlcs4.x86_64.rpm 
 a4c146bd8c32f15d0997a72b7a90e944 
 corporate/4.0/SRPMS/krb5-1.4.3-5.7.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJ9a0ZmqjQ0CJFipgRAmKGAJ9/gvDEmpyKrpEICEb2TZ/A8JGjTwCgmGxz
A8MpLcIJtfquCFfmrU5PlZQ=
=6HOC
-----END PGP SIGNATURE-----


------------=_1240849112-27111-1895
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1240849112-27111-1895--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung