Security: Multiple problems in Kerberos
Name: Multiple problems in Kerberos
ID: USN-1233-1
Distribution: Ubuntu
Platforms: Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04, Ubuntu 11.10
Date: Wed, 19 October 2011, 08:13
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1527
Applications: MIT Kerberos
Original message
==========================================================================
Ubuntu Security Notice USN-1233-1
October 18, 2011
krb5 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Several denial of service issues were fixed in the Kerberos Key Distribution Center (KDC).
Software Description:
- krb5: MIT Kerberos Network Authentication Protocol
Details:
Nalin Dahyabhai, Andrej Ota and Kyle Moffett discovered a NULL pointer dereference in the KDC LDAP backend. An unauthenticated remote attacker could use this to cause a denial of service. This issue affected Ubuntu 11.10. (CVE-2011-1527)
Mark Deneen discovered that an assert() could be triggered in the krb5_ldap_lockout_audit() function in the KDC LDAP backend and the krb5_db2_lockout_audit() function in the KDC DB2 backend. An unauthenticated remote attacker could use this to cause a denial of service. (CVE-2011-1528)
It was discovered that a NULL pointer dereference could occur in the lookup_lockout_policy() function in the KDC LDAP and DB2 backends. An unauthenticated remote attacker could use this to cause a denial of service. (CVE-2011-1529)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10:
  krb5-kdc 1.9.1+dfsg-1ubuntu1.1
  krb5-kdc-ldap 1.9.1+dfsg-1ubuntu1.1
Ubuntu 11.04:
  krb5-kdc 1.8.3+dfsg-5ubuntu2.2
  krb5-kdc-ldap 1.8.3+dfsg-5ubuntu2.2
Ubuntu 10.10:
  krb5-kdc 1.8.1+dfsg-5ubuntu0.8
  krb5-kdc-ldap 1.8.1+dfsg-5ubuntu0.8
Ubuntu 10.04 LTS:
  krb5-kdc 1.8.1+dfsg-2ubuntu0.10
  krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.10
In general, a standard system update will make all the necessary changes.
References:
  http://www.ubuntu.com/usn/usn-1233-1
  CVE-2011-1527, CVE-2011-1528, CVE-2011-1529
Package Information:
  https://launchpad.net/ubuntu/+source/krb5/1.9.1+dfsg-1ubuntu1.1
  https://launchpad.net/ubuntu/+source/krb5/1.8.3+dfsg-5ubuntu2.2
  https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-5ubuntu0.8
  https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.10