Sicherheit: Mehrere Probleme in krb5

Lesezeichen hinzufügen

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2008-20
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 16 Jun 2008
Last revised: 16 Jun 2008

Package: krb5

Summary: Four vulnerabilities discovered in krb5

More information:
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for
some krb4 message types, which allows remote attackers to cause
a denial of service (crash) and possibly execute arbitrary code
via crafted messages that trigger a NULL pointer dereference
or double-free. (CVE-2008-0062)

The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not
properly clear the unused portion of a buffer when generating an
error message, which might allow remote attackers to obtain sensitive
information, aka "Uninitialized stack values." (CVE-2008-0063)

Buffer overflow in the RPC library used by libgssrpc and kadmind
in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers
to execute arbitrary code by triggering a large number of open
file descriptors. (CVE-2008-0947)

Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used
by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and
probably other versions before 1.3, when running on systems
whose unistd.h does not define the FD_SETSIZE macro, allows
remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code by triggering a large number
of open file descriptors. (CVE-2008-0948)

Affected Products:
- Turbolinux 11 Server x64 Edition
- Turbolinux 11 Server

<Turbolinux 11 Server x64 Edition>

Source Packages
Size: MD5

krb5-1.6.2-6.src.rpm
15694136 2164e033af5b9fab1ac8f1e989e5d037

Binary Packages
Size: MD5

krb5-devel-1.6.2-6.x86_64.rpm
1183326 17beca80a2c47463f4b59dc374c123e5
krb5-libs-1.6.2-6.x86_64.rpm
647569 9c8558ed8499d7a5c168efeb3884dfa0
krb5-server-1.6.2-6.x86_64.rpm
792897 d7aac1eeb348f8304626ce3f6132664c
krb5-server-ldap-1.6.2-6.x86_64.rpm
100720 40b7533e3fbec8efec16fd4262a10307
krb5-workstation-1.6.2-6.x86_64.rpm
419278 f3bc804ad0ac2ec8be10ccddd5f646b8
krb5-workstation-clients-1.6.2-6.x86_64.rpm
281549 81b9bad638696d92376f5f39af5cd781
krb5-workstation-servers-1.6.2-6.x86_64.rpm
328828 1f82c7e6e9fdbbbdc8ddf3507c21096c

<Turbolinux 11 Server>

Source Packages
Size: MD5

krb5-1.6.2-6.src.rpm
15694136 2164e033af5b9fab1ac8f1e989e5d037

Binary Packages
Size: MD5

krb5-devel-1.6.2-6.i686.rpm
1182996 66103c59e6f7e83f7a384c0af6358459
krb5-libs-1.6.2-6.i686.rpm
594784 76f27ba0b06e005fd83fa3f2347ac4ac
krb5-server-1.6.2-6.i686.rpm
773580 2618fd0313bbe240f090e51628481107
krb5-server-ldap-1.6.2-6.i686.rpm
94822 93fd3dc621f3e19586612a1fd0debd5a
krb5-workstation-1.6.2-6.i686.rpm
406608 aeffd7e6b5ea9909e3751a84069b32e2
krb5-workstation-clients-1.6.2-6.i686.rpm
254299 e72727b32944dedde9718294e3165e4e
krb5-workstation-servers-1.6.2-6.i686.rpm
302565 6ca1203d342802402fe710c04fcf2169

References:

CVE
[CVE-2008-0062]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
[CVE-2008-0063]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
[CVE-2008-0947]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
[CVE-2008-0948]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948

--------------------------------------------------------------------------
Revision History
16 Jun 2008 Initial release
--------------------------------------------------------------------------

Copyright(C) 2008 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkhV5pYACgkQK0LzjOqIJMz8eACfTgQRDNKrgSqm8/0gT/81nw6M
EUIAnRxlwveMyml+BKPNRHsShIj4yMId
=X5AH
-----END PGP SIGNATURE-----