- Advisory ID
- Betroffene Versionen
- 9.1 i586 , 9.1 i586
Multiple vulnerabilties have been found in the Kerberos network authentication system. The MIT Kerberos team have released an advisory detailing these vulnerabilties, a description of which follows. An integer signedness error in the ASN.1 decoder before version 1.2.5 allows remote attackers to cause a crash of the server via a large unsigned data element length, which is later used as a negative value (CAN-2002-0036). Mandrake Linux 9.0+ is not affected by this problem. Vulnerabilties have been found in the RPC library used by the kadmin service. A faulty length check in the RPC library exposes kadmind to an integer overflow which can be used to crash kadmind (CAN-2003-0028). The KDC (Key Distribution Center) before version 1.2.5 allows remote, authenticated attackers to cause a crash on KDCs within the same realm using a certain protocol that causes a null dereference (CAN-2003-0058). Mandrake Linux 9.0+ is not affected by this problem. Users from one realm can impersonate users in other realms that have the same inter-realm keys due to a vulnerability in Kerberos 1.2.3 and earlier (CAN-2003-0059). Mandrake Linux 9.0+ is not affected by this problem. The KDC allows remote, authenticated users to cause a crash on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (CAN-2003-0072). The KDC allows remote, authenticated users to cause a crash on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (CAN-2003-0082). Vulnerabilities have been discovered in the Kerberos IV authentication protocol which allow an attacker with knowledge of a cross-realm key, which is shared in another realm, to impersonate a principle in that realm to any service in that realm. This vulnerability can only be closed by disabling cross-realm authentication in Kerberos IV (CAN-2003-0138). Vulnerabilities have been discovered in the support for triple-DES keys in the Kerberos IV authentication protocol which is included in MIT Kerberos (CAN-2003-0139). MandrakeSoft encourages all users to upgrade to these updated packages immediately which contain patches to correct all of the previously noted vulnerabilities. These packages also disable Kerberos IV cross-realm authentication by default. Update: The packages for Mandrake Linux 9.1 and 9.1/PPC were not GPG-signed. This has been fixed and as a result the md5sums have changed. Thanks to Mark Lyda for pointing this out.
dead011c5b9fcff8dccef79ae9584d4d ppc/9.1/RPMS/ftp-client-krb5-1.2.7-1.1mdk.ppc.rpm 8a6960bcfc54df727be98283fe984de7 ppc/9.1/RPMS/ftp-server-krb5-1.2.7-1.1mdk.ppc.rpm d56571ffa654d314b704bc777373da3a ppc/9.1/RPMS/krb5-devel-1.2.7-1.1mdk.ppc.rpm 4072ba264aef71ddb37d7f1284e42c80 ppc/9.1/RPMS/krb5-libs-1.2.7-1.1mdk.ppc.rpm 100923fc7597e018e25e6b4dc9433dd6 ppc/9.1/RPMS/krb5-server-1.2.7-1.1mdk.ppc.rpm b1452027bd5b71fc523bdce2c29cccfd ppc/9.1/RPMS/krb5-workstation-1.2.7-1.1mdk.ppc.rpm ad05b9eb1b2010f650ae433e46e717bd ppc/9.1/RPMS/telnet-client-krb5-1.2.7-1.1mdk.ppc.rpm fd4abfb72135d3baba64927d432b863f ppc/9.1/RPMS/telnet-server-krb5-1.2.7-1.1mdk.ppc.rpm 3767fc890e9bb238de9e86a4a954e51f ppc/9.1/SRPMS/krb5-1.2.7-1.1mdk.src.rpm
43e10186ecad8f489b4718ba3a508f0e 9.1/RPMS/ftp-client-krb5-1.2.7-1.1mdk.i586.rpm 2560a129ff724a914540af2c6869770b 9.1/RPMS/ftp-server-krb5-1.2.7-1.1mdk.i586.rpm 08f474f1d6d538412c7eb28fb3a340f0 9.1/RPMS/krb5-devel-1.2.7-1.1mdk.i586.rpm 31e72fb15daaf204659937afe095591a 9.1/RPMS/krb5-libs-1.2.7-1.1mdk.i586.rpm 3e60cb85aa33538d0b023b4204546db0 9.1/RPMS/krb5-server-1.2.7-1.1mdk.i586.rpm c772a662c64fe7b340876fe7c488189a 9.1/RPMS/krb5-workstation-1.2.7-1.1mdk.i586.rpm eee1a0c0e530850c917414b0d5a68204 9.1/RPMS/telnet-client-krb5-1.2.7-1.1mdk.i586.rpm e185249303aefd2d5d098f8b22f2b6fa 9.1/RPMS/telnet-server-krb5-1.2.7-1.1mdk.i586.rpm 3767fc890e9bb238de9e86a4a954e51f 9.1/SRPMS/krb5-1.2.7-1.1mdk.src.rpm