drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in Heimdal
Name: |
Mangelnde Rechteprüfung in Heimdal |
|
ID: |
USN-3353-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 16.10, Ubuntu 17.04 |
|
Datum: |
Sa, 15. Juli 2017, 19:14 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103 |
|
Applikationen: |
Heimdal |
|
Originalnachricht |
--===============6235891851241497572== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="b0op/nKJ9CeIhp9z" Content-Disposition: inline
--b0op/nKJ9CeIhp9z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-3353-1 July 14, 2017
heimdal vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04 - Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
Heimdal could allow unintended access to network services.
Software Description: - heimdal: Heimdal Kerberos Network Authentication Protocol
Details:
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Heimdal clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network services or perform other attacks.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: libkrb5-26-heimdal 7.1.0+dfsg-9ubuntu1.1
Ubuntu 16.10: libkrb5-26-heimdal 1.7~git20150920+dfsg-4ubuntu1.16.10.1
Ubuntu 16.04 LTS: libkrb5-26-heimdal 1.7~git20150920+dfsg-4ubuntu1.16.04.1
Ubuntu 14.04 LTS: libkrb5-26-heimdal 1.6~git20131207+dfsg-1ubuntu1.2
After a standard system update you need to restart any applications using Heimdal libraries to make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3353-1 CVE-2017-11103
Package Information: https://launchpad.net/ubuntu/+source/heimdal/7.1.0+dfsg-9ubuntu1.1 https://launchpad.net/ubuntu/+source/heimdal/1.7~git20150920+dfsg-4ubuntu1.16.10.1 https://launchpad.net/ubuntu/+source/heimdal/1.7~git20150920+dfsg-4ubuntu1.16.04.1 https://launchpad.net/ubuntu/+source/heimdal/1.6~git20131207+dfsg-1ubuntu1.2
--b0op/nKJ9CeIhp9z Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJZaR9sAAoJEC8Jno0AXoH0FEEP/ApNVDYg2k+GtLoALOofmnrC zIYDPuGrw13jLUDT0AKmS3+tEI3nhb4Uavx3+PGbK8v79hmi5p3/OTjhvdUJeBdy loM7uBP4mdtN7uqdOt2dXerYXiaaHYd/gCjgjsN89UB3WZ3On4xaZR/2lfw6gE7G GzIBeh1mM2lrflVyqDYjj7taNNix5scHac8/h98oE324UWWZesEjLv7/VPLuShr0 YvLoTpncdGXvArH3Ct2pkM162Xdc2PkaCrWXFbf/GbUXNHBoPwzBzh0mnCmX+rMv zKw02b0EbvPsZG22X1kkCW8FK/R5BgO181mIyQ3h3QbH8WXkK1n03GHXYEE9jOyy l8kwb8usHxhiZyHClIRpSkyU4Gc8J9Tw6M5O6hsBQZREkg0HuvyuuSGndwCFeZ8+ T39pRhHmsBth5kj9KvrJFK9tExTzjN4ntMYFTjVDsAGl0Coh9YiVdAybNx2DKYtc XtsVp7A9zYRoaJBitfOJzJjWMT+x+GZwDA7NiwijbPM661gEouv5w3A8wqPSC0CY JxE269btvVu7Go9SQ327g/B1QakS1McD9gs7N9u4zISwRzA8+17I7wT3qrdFyqNG dvLkut9e9CD642Z4hmRGWxY3z4QzQ3X/1MlVFo5lgL/CsBfyFU+w6afEqSYoKO64 rJ4U8ZNj82r7AiEkCHEE =MJk9 -----END PGP SIGNATURE-----
--b0op/nKJ9CeIhp9z--
--===============6235891851241497572== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6235891851241497572==--
|
|
|
|