Security: Insufficient permission check in Heimdal
Name: Insufficient permission check in Heimdal
ID: DSA-3912-1
Distribution: Debian
Platforms: Debian sid, Debian jessie, Debian stretch
Date: Sun, 16 July 2017, 17:05
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103
Applications: Heimdal
Original message
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3912-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 16, 2017                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : heimdal
CVE ID         : CVE-2017-11103
Debian Bug     : 868208
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams reported that Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos, trusts metadata taken from the unauthenticated plaintext (Ticket), rather than the authenticated and encrypted KDC response. A man-in-the-middle attacker can use this flaw to impersonate services to the client.
See https://orpheus-lyre.info/ for details.
For the oldstable distribution (jessie), this problem has been fixed in version 1.6~rc2+dfsg-9+deb8u1.
For the stable distribution (stretch), this problem has been fixed in version 7.1.0+dfsg-13+deb9u1.
For the unstable distribution (sid), this problem has been fixed in version 7.4.0.dfsg.1-1.
We recommend that you upgrade your heimdal packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
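The flaw class the advisory describes, deciding on a plaintext field when an authenticated copy of the same field is available, is shown here as an added example; it is a simplified model and not code from Heimdal or from the advisory. It assumes the metadata in question is a service-name field, uses an HMAC in place of Kerberos encryption of the KDC response, and all keys, names and function names are constructed.

```python
import hashlib
import hmac
import json

# Constructed key: stands in for the reply key shared by client and KDC.
REPLY_KEY = b"constructed-reply-key"


def kdc_reply(sname):
    """Model KDC reply: plaintext ticket header plus an authenticated part."""
    enc_part = json.dumps({"sname": sname}).encode()
    mac = hmac.new(REPLY_KEY, enc_part, hashlib.sha256).digest()
    return {"ticket": {"sname": sname}, "enc_part": enc_part, "mac": mac}


def authenticated_part(reply):
    """Verify the MAC and return the fields the KDC actually vouched for."""
    expected = hmac.new(REPLY_KEY, reply["enc_part"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, reply["mac"]):
        raise ValueError("KDC reply failed its integrity check")
    return json.loads(reply["enc_part"])


def accept_flawed(reply, requested):
    """Flawed pattern: verifies the reply, then compares the plaintext field."""
    authenticated_part(reply)
    return reply["ticket"]["sname"] == requested


def accept_hardened(reply, requested):
    """Hardened pattern: only the authenticated field decides."""
    return authenticated_part(reply)["sname"] == requested


def altered_in_transit(reply, sname):
    """Constructed sample: same reply with only the plaintext field changed."""
    return dict(reply, ticket={"sname": sname})


if __name__ == "__main__":
    wanted = "host/files.example"  # constructed service names
    reply = altered_in_transit(kdc_reply("host/other.example"), wanted)
    print("flawed check accepts:  ", accept_flawed(reply, wanted))
    print("hardened check accepts:", accept_hardened(reply, wanted))
```

The integrity check passes in both functions because the authenticated part is untouched; only the choice of which copy of the field to compare differs.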