drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Kerberos
Name: |
Mehrere Probleme in Kerberos |
|
ID: |
USN-1520-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 11.04, Ubuntu 11.10, Ubuntu 12.04 LTS |
|
Datum: |
Di, 31. Juli 2012, 22:48 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013 |
|
Applikationen: |
MIT Kerberos |
|
Originalnachricht |
--===============8754818036042440716== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="X1bOJ3K7DJ5YkBrT" Content-Disposition: inline
--X1bOJ3K7DJ5YkBrT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-1520-1 July 31, 2012
krb5 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in Kerberos.
Software Description: - krb5: MIT Kerberos Network Authentication Protocol
Details:
Emmanuel Bouillon discovered that the MIT krb5 Key Distribution Center (KDC) daemon could free an uninitialized pointer when handling a malformed AS-REQ message. A remote unauthenticated attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2012-1015)
Emmanuel Bouillon discovered that the MIT krb5 Key Distribution Center (KDC) daemon could dereference an uninitialized pointer while handling a malformed AS-REQ message. A remote unauthenticated attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-1014)
Simo Sorce discovered that the MIT krb5 Key Distribution Center (KDC) daemon could dereference a NULL pointer when handling a malformed TGS-REQ message. A remote authenticated attacker could use this to cause a denial of service. (CVE-2012-1013)
It was discovered that the kadmin protocol implementation in MIT krb5 did not properly restrict access to the SET_STRING and GET_STRINGS operations. A remote authenticated attacker could use this to expose or modify sensitive information. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-1012)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.3 krb5-kdc 1.10+dfsg~beta1-2ubuntu0.3 krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.3
Ubuntu 11.10: krb5-admin-server 1.9.1+dfsg-1ubuntu2.3 krb5-kdc 1.9.1+dfsg-1ubuntu2.3 krb5-kdc-ldap 1.9.1+dfsg-1ubuntu2.3
Ubuntu 11.04: krb5-admin-server 1.8.3+dfsg-5ubuntu2.3 krb5-kdc 1.8.3+dfsg-5ubuntu2.3 krb5-kdc-ldap 1.8.3+dfsg-5ubuntu2.3
Ubuntu 10.04 LTS: krb5-admin-server 1.8.1+dfsg-2ubuntu0.11 krb5-kdc 1.8.1+dfsg-2ubuntu0.11 krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.11
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1520-1 CVE-2012-1012, CVE-2012-1013, CVE-2012-1014, CVE-2012-1015
Package Information: https://launchpad.net/ubuntu/+source/krb5/1.10+dfsg~beta1-2ubuntu0.3 https://launchpad.net/ubuntu/+source/krb5/1.9.1+dfsg-1ubuntu2.3 https://launchpad.net/ubuntu/+source/krb5/1.8.3+dfsg-5ubuntu2.3 https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.11
--X1bOJ3K7DJ5YkBrT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJQGCpTAAoJEC8Jno0AXoH0qgAP/3QAOjjcc7nYZyGBLCLpIaOS 4rue4qE8PVpFz1MAVdzZ6XARsImWAMToQoTnWEOWczGHIOd/SS5H8Btp7d2OuJ6y uzcVf8gAi92uW5AEtNbfVxXMiRrfiazc+jxjw+LAuBBAUjjP++CkqUOEwi82J+rE GrK0/ZC71SP1SRtTqLwbEZcUPxqiy9fWIVpH9Mx+tHVL5db78QVJHsGI1NgkDCyb 5ks+4xEVnVfIxTiPogKsqpGDWhW9hx8K08MXXieVFn/H6D7mMZTutEoUdyyNzrgA c3aP+Tj5NMK3QfIDdtul7NyEo5diHHHkndy/ill9l9fSHJy2zEL3UfawOJF4lsPF 039eZKtx+wNsptrf8//9y63micnEYqyYjWVCbqUVeoiEqoIuWCx3Dwi3hN4srXNQ CWpE3Hj1nqsAaESAY1KYgG+DezXPbdh8UCYXDPg2WoTt02qDJOye50lJDCLIBk/c uAOWABDBCOrv0q6bBlgUlYNPGiE8CwNmMiIhJsY2I5qImh8o8azy7KMzBdkSPE6E 6uSg8St5zEVquaWXP0gDxUmeKDsAg8mg3bnOPf4f0BM04g7m3704ul42C/4qjwYs HxC9RpWQN4kJc+/h2pJm17U5YXfBN32E/FSQeWeuJrd3N0vw5Te/9/2Yfr0TgVUH AH2bWEMSPx0Bi15j7hxJ =5nzR -----END PGP SIGNATURE-----
--X1bOJ3K7DJ5YkBrT--
--===============8754818036042440716== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============8754818036042440716==--
|
|
|
|