Login
Newsletter
Werbung
Sicherheit: Mehrere Pufferüberläufe in krb5
Aktuelle Meldungen Distributionen
Name: Mehrere Pufferüberläufe in krb5
ID: DSA-520-1
Distribution: Debian
Plattformen: Debian sid
Datum: Do, 17. Juni 2004, 13:00
Referenzen: Keine Angabe
Applikationen: MIT Kerberos

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Debian Security Advisory DSA 520-1                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
June 16th, 2004                         http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : krb5
Vulnerability  : buffer overflows
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2004-0523

In their advisory MITKRB5-SA-2004-001, the MIT Kerberos announced the
existence of buffer overflow vulnerabilities in the
krb5_aname_to_localname function.  This function is only used if
aname_to_localname is enabled in the configuration (this is not
enabled by default).

For the current stable distribution (woody), this problem has been
fixed in version 1.2.4-5woody5.

For the unstable distribution (sid), this problem has been fixed in
version 1.3.3-2.

We recommend that you update your krb5 package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody5.dsc
      Size/MD5 checksum:      750 88922316a5c4dc4f54eedfc8d1b2b21e
    krb5_1.2.4-5woody5.diff.gz
      Size/MD5 checksum:    77079 1d99337aa5734ab47878c706c1cd16e7
    http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz
      Size/MD5 checksum:  5443051 663add9b5942be74a86fa860a3fa4167

  Architecture independent components:

    krb5-doc_1.2.4-5woody5_all.deb
      Size/MD5 checksum:   514592 b608f9f7c599049696daa569a9a9c95b

  Alpha architecture:

    krb5-admin-server_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   253392 39dace8011ec70211cafe7482a464bef
    krb5-clients_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   217158 2eec6d86a559c9bf151b06bb55916347
    krb5-ftpd_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:    62608 6ad21c730aa61227f335042c83057e35
    krb5-kdc_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   251804 32c06efac81f7f875e993e7f6343ee10
    krb5-rsh-server_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:    76040 2e6e74208a9c7f401c23076d32e29d3d
    krb5-telnetd_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:    58704 897ad549370be37234179d87084012e9
    krb5-user_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   207166 60ec8f0d5f60af7e03f18d68bdd1bfc3
    libkadm55_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:    83328 49d5415c510a3b16b0c7e6831d6295d1
    libkrb5-dev_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   632940 b5feb5c5d4ffb4dcc36607fb6c094ddd
    libkrb53_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   367114 1126cddacb3eb385c363cc24bd8ccf30

  ARM architecture:

    krb5-admin-server_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   196910 00f2c6dc3b783b559418d3acaae9ccc4
    krb5-clients_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   160204 6fbdbe00198ac08c127da7b605cb4401
    krb5-ftpd_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:    48382 06c5be009cd9391342dfc97e18cc1c11
    krb5-kdc_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   198234 7a6fc77bf7307de8f5cb7ab203586e94
    krb5-rsh-server_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:    63316 8e5b77aaefc5319b730b24ebd39d4c6d
    krb5-telnetd_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:    48952 1c46d9156b91cfbe3bf2a7b2406c4d19
    krb5-user_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   165652 654f978cf8e21e1928b08ee344fda8da
    libkadm55_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:    73122 f5052a8743c4fd1434fba81040c39dd2
    libkrb5-dev_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   492900 fce4b2e7bd8c66896bf181900fb61ec7
    libkrb53_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   294728 f689f57b800b125f4ba3d3d5043dcb68

  Intel IA-32 architecture:

    krb5-admin-server_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   178772 5088ddd2621dbab5c59dc5e249240a1b
    krb5-clients_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   155952 07fce3180d9959b4dfee76c6c120b6c0
    krb5-ftpd_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:    45954 fe40c7fa5d4f67652b43df8e96ec3f17
    krb5-kdc_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   178500 774028ad020dea596125afc6d52a7085
    krb5-rsh-server_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:    61142 6995fa078363df683f8f4bafab474733
    krb5-telnetd_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:    46264 d53bc6f536632e486599e65e9e36542e
    krb5-user_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   154706 1f2eeeed38ab36e5f2f7a523736505bf
    libkadm55_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:    71530 a67b57f513523801f85c7b65f8963f8c
    libkrb5-dev_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   433428 968fa83dd497f71dd640f8b4e6974375
    libkrb53_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   293446 53eeba2cb4ff3b08f75c9f7d368ee843

  Intel IA-64 architecture:

    krb5-admin-server_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   321946 6ca872f52aedae772327b697dfde71b6
    krb5-clients_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   266092 f41935d16d8afb9a472a10784c3a7553
    krb5-ftpd_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:    73348 0436c2b34fb854802246cc38b4a9a4c3
    krb5-kdc_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   321900 7d6ff9cb6b640a17a3dca04b641a879b
    krb5-rsh-server_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:    91638 98299fc14a6c8011348a6d67219636b7
    krb5-telnetd_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:    70292 81cc3db5ee795199744e3d991eff172d
    krb5-user_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   255894 bdd40f67173113249af37954a68925e6
    libkadm55_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   106954 c2fa05c6b6899f53c5c7efbdaac3f0e7
    libkrb5-dev_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   705264 eeb1f09bf20f6f336da6b4c65e982e45
    libkrb53_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   474326 834b32c98301ac138e00442262281f06

  HP Precision architecture:

    krb5-admin-server_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   214284 152da60f5b2d3aadf5d34a90758b52e0
    krb5-clients_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   189510 d19d97ccc0096676387ecb66292e98a1
    krb5-ftpd_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:    53670 21e95a71a01d673273bed6c7e960f577
    krb5-kdc_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   213770 d04452049be7561471f2c0d7a839a74d
    krb5-rsh-server_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:    68366 9757bc2a367432d6287709920b5996b0
    krb5-telnetd_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:    55492 9bb3a916db98c1001c8330751e6d8505
    krb5-user_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   182678 c499c90b82536f7af26c79ccbdf7bb9f
    libkadm55_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:    84616 c6163555a4f4e93fb56eb19afab8970d
    libkrb5-dev_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   557526 46404537730a0fcd7e66ba20221004ba
    libkrb53_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   361794 2247c6ec0ee126dce4280d317ea5fe4a

  Motorola 680x0 architecture:

    krb5-admin-server_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   163994 64e2e6b310f729a633868e0dcff92cc5
    krb5-clients_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   144502 6d9020501770a02d1b5edf62d7187e58
    krb5-ftpd_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:    44132 d4af8c3649f93e71c44a1b373e0b80c3
    krb5-kdc_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   163732 c30ef8c45ef46b816b00336eed65a902
    krb5-rsh-server_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:    56650 85224bbf810310a04e0f254dd0e13bb4
    krb5-telnetd_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:    44432 001261117d31c9e610b49066044fd438
    krb5-user_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   145748 78d472cdafa35eb0bd7e4cb75b0623b0
    libkadm55_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:    69570 127110f20badf11f06b1fd09911b4975
    libkrb5-dev_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   408486 0f5ecf090b19fee6c02d8ee4f6f6b701
    libkrb53_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   276790 ea346ea12c2f36680bbb73253e8a67ec

  Big endian MIPS architecture:

    krb5-admin-server_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   206332 4f409bdcd19dbcd63a919158504330b6
    krb5-clients_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   190876 da73ca10271b7ab992201fa1e8865e0b
    krb5-ftpd_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:    53108 e3697a84791b6c9c94dd2090d2393abc
    krb5-kdc_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   209248 cf57ebb6de38746cb2554185a86db959
    krb5-rsh-server_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:    66188 c359609fa890dffdebb6bab042fa30f1
    krb5-telnetd_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:    54668 c95a9cc71275c1ffe74caed804e1e4e9
    krb5-user_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   175086 f14ebe5e1493c320ca5eabf7661d83d3
    libkadm55_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:    71782 fcdf07c4a596cc203e69e1b3fa61a9b7
    libkrb5-dev_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   540812 5fe78475feb1237afc53c9cfc6235ba0
    libkrb53_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   308072 a073afa9cb406e7e9b87c411fe71e7cf

  Little endian MIPS architecture:

    krb5-admin-server_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   210428 c57ae1baeb412e9e39bffaf3e6eafc19
    krb5-clients_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   190584 d9637a661a7d76b4d2ac7ce2d2ebdfe9
    krb5-ftpd_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:    53304 b748e107e9ae4c5c6b43d71ff0f1c82c
    krb5-kdc_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   212884 cf8b846996cc4dd9a563c164134dfcb9
    krb5-rsh-server_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:    66512 82eda58a3c77d89563d230c2f4a471f2
    krb5-telnetd_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:    54538 6a80de80f46ad13cb4545991776c98fd
    krb5-user_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   176876 5bbd1da8fca246767e66d711630cb6b1
    libkadm55_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:    71580 11dac89ceff65cc4da44337b3027e7b8
    libkrb5-dev_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   540372 72c5320274b851ea31d485e8c9d07116
    libkrb53_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   306698 859c21ad06284485f0b7f1fead9da1b1

  PowerPC architecture:

    krb5-admin-server_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   188054 363da150a42cee7367583fdfc90c6bf9
    krb5-clients_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   163744 b395a1a41eff5721d6351518ea572610
    krb5-ftpd_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:    48964 b3896b0ac107e00a5ab3da1098c6a4cf
    krb5-kdc_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   189144 fb6a9fcd6528aea01560c1ee4c94b2f1
    krb5-rsh-server_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:    62322 f872293b6c1b9ba9e2e035ace829507d
    krb5-telnetd_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:    48928 a76a17aef53d694b4c560118f388cb03
    krb5-user_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   162398 cf177c01953e47e566de40280bd08b46
    libkadm55_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:    73534 3dff6d87ccbc7b2fd66d98d483c7bb00
    libkrb5-dev_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   490456 aad2e60648fb2fc71c8146d3404985b1
    libkrb53_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   303092 e2b1effe6d3946de748e35e386759ee4

  IBM S/390 architecture:

    krb5-admin-server_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   188904 6fc5f0333f635e8f047e17085abf3270
    krb5-clients_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   166020 35b74993495f29d9bfa72d4aa988971d
    krb5-ftpd_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:    49892 cec7b75924c666072d43be9a87ae3dc4
    krb5-kdc_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   190238 f6bc7f11baea1fbee5c453877166f7ca
    krb5-rsh-server_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:    66682 081a0113d851220733e9f6d208280a90
    krb5-telnetd_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:    49868 b920cb787b60dbbcbb89e43d8b6a4702
    krb5-user_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   164036 3416a67ab9ea1af7a39a8456f49c86df
    libkadm55_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:    76076 fceff5bf712f16a0ea788e5f74ba21a5
    libkrb5-dev_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   452962 29b7633718ca8389ab0c2e011e5f9be7
    libkrb53_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   319182 95ff63b6ea8ab3bf573c5efaea5334da

  Sun Sparc architecture:

    krb5-admin-server_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   183032 341a9fb2d89ea7d685e3b5a3365c59ce
    krb5-clients_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   172630 023d4ea8ff07488b730d956443159d9c
    krb5-ftpd_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:    49378 c575434808db59920f3463adfa046cfd
    krb5-kdc_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   183982 0aa7443dd53e7f53cd1b872c6fcbabdb
    krb5-rsh-server_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:    63998 cbcd6b93ae18a1383ce8f8e2e5868ba9
    krb5-telnetd_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:    49336 71527610b9405d3edcf4c7e0fa192334
    krb5-user_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   159144 51fa34206e1a4de013fbb3991bdc33b2
    libkadm55_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:    72884 a209925e53a9d35354cef146aa7cf392
    libkrb5-dev_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   462462 1035d9e5f0450c933cf79add5540a646
    libkrb53_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   300906 5333154983b684450cb5a4c702216542

  These files will probably be moved into the stable distribution on
  its next revision.

--------------------------------------------------------------------------------
-
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA0QJSArxCt0PiXR4RAn/1AJ44Z+oGkhWfO+M0Y15Wv/TBSdRYDACeIGLo
X2uJv+17KQFGR6KqZsSFse8=
=EXrB
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
 listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung