Login
Newsletter
Werbung
Sicherheit: Ausführen beliebiger Kommandos in krb5
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in krb5
ID: MDKSA-2007:008
Distribution: Mandriva
Plattformen: Mandriva 2006.0, Mandriva Corporate 4.0, Mandriva 2007.0
Datum: Do, 11. Januar 2007, 05:16
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt
http://www.cert.org/advisories/481564
Applikationen: MIT Kerberos

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1168488970-16192-7035


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:008
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : krb5
 Date    : January 10, 2007
 Affected: 2006.0, 2007.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability in the RPC library in Kerberos 1.4.x and 1.5.x as used
 in the kadmind administration daemon calls an uninitialized function
 pointer in freed memory, which could allow a remote attacker to cause a
 Denial of Service and possibly execute arbitrary code via unspecified
 vectors.

 Updated packages are patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
 http://www.cert.org/advisories/481564
 http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 a60e03243b204a7b0281d32aff6c7877 
 2006.0/i586/ftp-client-krb5-1.4.2-1.2.20060mdk.i586.rpm
 98552d247f0bd6231310715dd1fbb4a4 
 2006.0/i586/ftp-server-krb5-1.4.2-1.2.20060mdk.i586.rpm
 50eff45fd46afd3e04147cbd98fa99cd 
 2006.0/i586/krb5-server-1.4.2-1.2.20060mdk.i586.rpm
 58b570956596827c6c83db43b3b6ec4d 
 2006.0/i586/krb5-workstation-1.4.2-1.2.20060mdk.i586.rpm
 63f2980118e016c51bb8707d6f32eec5 
 2006.0/i586/libkrb53-1.4.2-1.2.20060mdk.i586.rpm
 362a93222614d35ea479318701695b9a 
 2006.0/i586/libkrb53-devel-1.4.2-1.2.20060mdk.i586.rpm
 19336d7d0cbc13f337b6d883e19c90c0 
 2006.0/i586/telnet-client-krb5-1.4.2-1.2.20060mdk.i586.rpm
 474a525a042f18b8f20c1353d34f4d94 
 2006.0/i586/telnet-server-krb5-1.4.2-1.2.20060mdk.i586.rpm 
 4e9722344646e273932c56b85edb747d  2006.0/SRPMS/krb5-1.4.2-1.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 f3c2542c797907b053505c229aabb7bc 
 2006.0/x86_64/ftp-client-krb5-1.4.2-1.2.20060mdk.x86_64.rpm
 478f693737b4aeb347c143c768d311aa 
 2006.0/x86_64/ftp-server-krb5-1.4.2-1.2.20060mdk.x86_64.rpm
 be81c7a72bf4c58888f87b8e1de6138e 
 2006.0/x86_64/krb5-server-1.4.2-1.2.20060mdk.x86_64.rpm
 f257c6013dcc018fd888e99ebd1979e9 
 2006.0/x86_64/krb5-workstation-1.4.2-1.2.20060mdk.x86_64.rpm
 2caec1d3046bc492c5fff8acea793d6b 
 2006.0/x86_64/lib64krb53-1.4.2-1.2.20060mdk.x86_64.rpm
 e42da64bf42609db45cfcf870c86e38c 
 2006.0/x86_64/lib64krb53-devel-1.4.2-1.2.20060mdk.x86_64.rpm
 119e125072bda0a478d0fc6f599c65d1 
 2006.0/x86_64/telnet-client-krb5-1.4.2-1.2.20060mdk.x86_64.rpm
 8d14872dd37351092def43f732ad91d9 
 2006.0/x86_64/telnet-server-krb5-1.4.2-1.2.20060mdk.x86_64.rpm 
 4e9722344646e273932c56b85edb747d  2006.0/SRPMS/krb5-1.4.2-1.2.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 a4d1443d510f1fef80ae2716f4c669ac 
 2007.0/i586/ftp-client-krb5-1.4.3-6.1mdv2007.0.i586.rpm
 6ad2482bea8be0953e8804e17b5f6be6 
 2007.0/i586/ftp-server-krb5-1.4.3-6.1mdv2007.0.i586.rpm
 0bdec1016065a8bb04089edd69dcaf67 
 2007.0/i586/krb5-server-1.4.3-6.1mdv2007.0.i586.rpm
 c51cb207bf1d7adcb7e73ca236247e60 
 2007.0/i586/krb5-workstation-1.4.3-6.1mdv2007.0.i586.rpm
 f49d9636ec2ee3be4160f004c9987407 
 2007.0/i586/libkrb53-1.4.3-6.1mdv2007.0.i586.rpm
 186959cc727e6542a413e18e6606fb0e 
 2007.0/i586/libkrb53-devel-1.4.3-6.1mdv2007.0.i586.rpm
 327c7461f838c7a4ca9f23500d0581ff 
 2007.0/i586/telnet-client-krb5-1.4.3-6.1mdv2007.0.i586.rpm
 36c8eae2a02a09d2b93aa00518e0b879 
 2007.0/i586/telnet-server-krb5-1.4.3-6.1mdv2007.0.i586.rpm 
 8b18bbe4f22325dd4ee5a99eef7e32dd  2007.0/SRPMS/krb5-1.4.3-6.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 9e8a87605787eb574739756f86f00183 
 2007.0/x86_64/ftp-client-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
 0ed4b823492d3d69947610f9b95cd44a 
 2007.0/x86_64/ftp-server-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
 4cfa5d7da28f635c4ddb390f16f2dd32 
 2007.0/x86_64/krb5-server-1.4.3-6.1mdv2007.0.x86_64.rpm
 1546df114a3c250d7c2cf01a10daa6fc 
 2007.0/x86_64/krb5-workstation-1.4.3-6.1mdv2007.0.x86_64.rpm
 13b45d5e3efbc4d5ef0025ef3eb73cd3 
 2007.0/x86_64/lib64krb53-1.4.3-6.1mdv2007.0.x86_64.rpm
 5b1a6627c0ce7cfa165f0a594b031a3b 
 2007.0/x86_64/lib64krb53-devel-1.4.3-6.1mdv2007.0.x86_64.rpm
 18aedb28ddfc99096925047b21a7bd2c 
 2007.0/x86_64/telnet-client-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
 cc35d21b8c920f9379b6e0868dec98fd 
 2007.0/x86_64/telnet-server-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm 
 8b18bbe4f22325dd4ee5a99eef7e32dd  2007.0/SRPMS/krb5-1.4.3-6.1mdv2007.0.src.rpm

 Corporate 4.0:
 ddc1741afd0fabd609587f8006f9a1ea 
 corporate/4.0/i586/ftp-client-krb5-1.4.3-5.1.20060mlcs4.i586.rpm
 2a5b69d4febcc3c3431a812c04a882d7 
 corporate/4.0/i586/ftp-server-krb5-1.4.3-5.1.20060mlcs4.i586.rpm
 6d1ed5b8ac4bb3ddc0855501eef24baf 
 corporate/4.0/i586/krb5-server-1.4.3-5.1.20060mlcs4.i586.rpm
 c5d87ffc5d7c09acb2b9915447fa6f5b 
 corporate/4.0/i586/krb5-workstation-1.4.3-5.1.20060mlcs4.i586.rpm
 139ba7efec113d4bf8cf052daee30694 
 corporate/4.0/i586/libkrb53-1.4.3-5.1.20060mlcs4.i586.rpm
 202c1536fbec4a847cee0f84b037c882 
 corporate/4.0/i586/libkrb53-devel-1.4.3-5.1.20060mlcs4.i586.rpm
 0066928b2dccd73cda873b156d787488 
 corporate/4.0/i586/telnet-client-krb5-1.4.3-5.1.20060mlcs4.i586.rpm
 bc7d767c2521955910621311a52f8dc5 
 corporate/4.0/i586/telnet-server-krb5-1.4.3-5.1.20060mlcs4.i586.rpm 
 079d5b68cd5c33a1d3dcd31c37be59b7 
 corporate/4.0/SRPMS/krb5-1.4.3-5.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 c7b2c83ca051117c72daaa864930dc4f 
 corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.1.20060mlcs4.x86_64.rpm
 76da52f8afb94def7cf7ce7aaed54737 
 corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.1.20060mlcs4.x86_64.rpm
 b1728594817b87985cb5ceb8bbd2cc56 
 corporate/4.0/x86_64/krb5-server-1.4.3-5.1.20060mlcs4.x86_64.rpm
 5bef7e859d36c1d9c84606ad988c30e5 
 corporate/4.0/x86_64/krb5-workstation-1.4.3-5.1.20060mlcs4.x86_64.rpm
 6a535d673befe0bfb79889b772382f1f 
 corporate/4.0/x86_64/lib64krb53-1.4.3-5.1.20060mlcs4.x86_64.rpm
 3da23da5792fba1bf65cbd56eb91dead 
 corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.1.20060mlcs4.x86_64.rpm
 1eaf0cd620c4c5e3685f6dc2242c191f 
 corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.1.20060mlcs4.x86_64.rpm
 a0676ac080ced1911ffed68055afac3e 
 corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.1.20060mlcs4.x86_64.rpm 
 079d5b68cd5c33a1d3dcd31c37be59b7 
 corporate/4.0/SRPMS/krb5-1.4.3-5.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFpYwMmqjQ0CJFipgRAnt1AKCpDRqKBrTK8N3GjUdTkr+Kkvze1wCeKy5d
GmWwPOZ59ZFvM/BsVBsEAvg=
=nQrK
-----END PGP SIGNATURE-----


------------=_1168488970-16192-7035
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1168488970-16192-7035--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung