drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in krb5
Name: |
Mehrere Probleme in krb5 |
|
ID: |
DSA-3395-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian wheezy, Debian jessie, Debian stretch |
|
Datum: |
Sa, 7. November 2015, 11:59 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697 |
|
Applikationen: |
MIT Kerberos |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3395-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 06, 2015 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : krb5 CVE ID : CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 Debian Bug : 803083 803084 803088
Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2015-2695
It was discovered that applications which call gss_inquire_context() on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, leading to a process crash.
CVE-2015-2696
It was discovered that applications which call gss_inquire_context() on a partially-established IAKERB context can cause the GSS-API library to read from a pointer using the wrong type, leading to a process crash.
CVE-2015-2697
It was discovered that the build_principal_va() function incorrectly handles input strings. An authenticated attacker can take advantage of this flaw to cause a KDC to crash using a TGS request with a large realm field beginning with a null byte.
For the oldstable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u4.
For the stable distribution (jessie), these problems have been fixed in version 1.12.1+dfsg-19+deb8u1.
For the testing distribution (stretch), these problems have been fixed in version 1.13.2+dfsg-3.
For the unstable distribution (sid), these problems have been fixed in version 1.13.2+dfsg-3.
We recommend that you upgrade your krb5 packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJWPQNaAAoJEAVMuPMTQ89EYEkQAJBm5hBqyHJaJI9Pr1ZgrUd/ X8LKuhhak0T9R5uxh+3OunBKsmIU3bFZmljSHTGLpqD+L08kLA+ydRHHlP48fvQk enBzWYPUB4r0X3Ys/AoW0BzfA1ZSYaG8qSnwY5i0jyVPs7KOBATnHmj+Lv+btarB YmzIAq2SZza+pvMEyrZMRArkAzM33LFySNTcdzBz7MVvNq7yK3D0OdGJJVR6A13P vQ+yBNMbcXljOIi+amisqC5DD9lNfq84JeK8TKJC0qrURDsGzD8OLJ+VSUubeULF fYBxMn074RFxic2BtOp2Ns92zc0+PkCgu719amfFjSJ7UvSKRl5lVCBS5Tpq1V4l /besADZ9XqhxHgcAHPZl2Qclsy4ocoe/pcJtAacLMeKUBhPLPZdmJMDSxnsjK4Gf FugumQ5KeMV1hHLqWio7HDHlnynsJHdWJW65m6b1FyEj8IvW7aYBxELlkHRz393L B6VDjVsbu1rfHYGiTvReJNGJgDHoBRn6Oxw/t1h35/GC5jTsvRmYXeKnkNNq1O5h rSWOs+gTcCNDWOMJyc4690GG56FEuApidav9bcumzHXZYFH9lWstNmsFPX4wCshI RnfgPzrjd8fhQ+PLVD79pV4wXibbAuDf0MakCUTjY96nG5E/G5DnDNYUKh65/E3C v+AxuiDjbZ4j0vHn4Bv0 =FU4r -----END PGP SIGNATURE-----
|
|
|
|