Multiple issues in Kerberos
ID: USN-1233-1
Distribution: Ubuntu
Platforms: Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04, Ubuntu 11.10
Date: Wed, 19 October 2011, 08:13
References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1527
Applications: MIT Kerberos
Original message
==========================================================================
Ubuntu Security Notice USN-1233-1
October 18, 2011

krb5 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

Several denial of service issues were fixed in the Kerberos Key
Distribution Center (KDC).

Software Description:
- krb5: MIT Kerberos Network Authentication Protocol

Details:

Nalin Dahyabhai, Andrej Ota and Kyle Moffett discovered a NULL pointer
dereference in the KDC LDAP backend. An unauthenticated remote attacker
could use this to cause a denial of service. This issue affected Ubuntu
11.10. (CVE-2011-1527)

Mark Deneen discovered that an assert() could be triggered in the
krb5_ldap_lockout_audit() function in the KDC LDAP backend and the
krb5_db2_lockout_audit() function in the KDC DB2 backend. An
unauthenticated remote attacker could use this to cause a denial of
service. (CVE-2011-1528)

It was discovered that a NULL pointer dereference could occur in the
lookup_lockout_policy() function in the KDC LDAP and DB2 backends. An
unauthenticated remote attacker could use this to cause a denial of
service. (CVE-2011-1529)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  krb5-kdc                        1.9.1+dfsg-1ubuntu1.1
  krb5-kdc-ldap                   1.9.1+dfsg-1ubuntu1.1

Ubuntu 11.04:
  krb5-kdc                        1.8.3+dfsg-5ubuntu2.2
  krb5-kdc-ldap                   1.8.3+dfsg-5ubuntu2.2

Ubuntu 10.10:
  krb5-kdc                        1.8.1+dfsg-5ubuntu0.8
  krb5-kdc-ldap                   1.8.1+dfsg-5ubuntu0.8

Ubuntu 10.04 LTS:
  krb5-kdc                        1.8.1+dfsg-2ubuntu0.10
  krb5-kdc-ldap                   1.8.1+dfsg-2ubuntu0.10

In general, a standard system update will make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-1233-1
  CVE-2011-1527, CVE-2011-1528, CVE-2011-1529

Package Information:
  https://launchpad.net/ubuntu/+source/krb5/1.9.1+dfsg-1ubuntu1.1
  https://launchpad.net/ubuntu/+source/krb5/1.8.3+dfsg-5ubuntu2.2
  https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-5ubuntu0.8
  https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.10