Paketname
krb5
Datum
2011-01-09
Advisory ID
MDVSA-2011:025
Betroffene Versionen
MES5 i586 , MES5 x86_64 , 2010.1 i586 , 2010.1 x86_64

Problembeschreibung

Multiple vulnerabilities were discovered and corrected in krb5:

The MIT krb5 KDC database propagation daemon (kpropd) is vulnerable to
a denial-of-service attack triggered by invalid network input. If a
kpropd worker process receives invalid input that causes it to exit
with an abnormal status, it can cause the termination of the listening
process that spawned it, preventing the slave KDC it was running on
From receiving database updates from the master KDC (CVE-2010-4022).

The MIT krb5 Key Distribution Center (KDC) daemon is vulnerable
to denial of service attacks from unauthenticated remote attackers
(CVE-2011-0281, CVE-2011-0282).

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

MES5 i586

 9195a6f446623619ecca9433108b8ce2  mes5/i586/krb5-1.8.1-0.4mdvmes5.1.i586.rpm
 d0de4724705b78ebaccdc0f1e332bdc0  mes5/i586/krb5-pkinit-openssl-1.8.1-0.4mdvmes5.1.i586.rpm
 c573a00957ba2f5c9f813bf66d2639b6  mes5/i586/krb5-server-1.8.1-0.4mdvmes5.1.i586.rpm
 d8e5bb51f39680e0e034864f3c7ab389  mes5/i586/krb5-server-ldap-1.8.1-0.4mdvmes5.1.i586.rpm
 a6d37c289467daf9ec6be7386fd08804  mes5/i586/krb5-workstation-1.8.1-0.4mdvmes5.1.i586.rpm
 5fe3268dc275b2255503b45b9dad1710  mes5/i586/libkrb53-1.8.1-0.4mdvmes5.1.i586.rpm
 9fa6291f9bcf123e151743681c197e20  mes5/i586/libkrb53-devel-1.8.1-0.4mdvmes5.1.i586.rpm 
 f3636ce525a3743da670335fad739b4d  mes5/SRPMS/krb5-1.8.1-0.4mdvmes5.1.src.rpm

MES5 x86_64

 e8f92b4b8d9e80929bc40df9398e7407  mes5/x86_64/krb5-1.8.1-0.4mdvmes5.1.x86_64.rpm
 c7c9cc07256630ad3580ac8af6fd1731  mes5/x86_64/krb5-pkinit-openssl-1.8.1-0.4mdvmes5.1.x86_64.rpm
 da836bd502a81c68e486a59e0dc59576  mes5/x86_64/krb5-server-1.8.1-0.4mdvmes5.1.x86_64.rpm
 1b4f41d239d1e17b460711961a4be093  mes5/x86_64/krb5-server-ldap-1.8.1-0.4mdvmes5.1.x86_64.rpm
 0f63908285e6aba326b1af6b40456385  mes5/x86_64/krb5-workstation-1.8.1-0.4mdvmes5.1.x86_64.rpm
 a8d6ded793ecdfd542557a2ce625f212  mes5/x86_64/lib64krb53-1.8.1-0.4mdvmes5.1.x86_64.rpm
 3ad9fe51b83ba903dd347aae73bd8e09  mes5/x86_64/lib64krb53-devel-1.8.1-0.4mdvmes5.1.x86_64.rpm 
 f3636ce525a3743da670335fad739b4d  mes5/SRPMS/krb5-1.8.1-0.4mdvmes5.1.src.rpm

2010.1 i586

 4257cc617b96c71c95256eab33442bc2  2010.1/i586/krb5-1.8.1-5.3mdv2010.2.i586.rpm
 025655b729ac32712c54f801849e93c2  2010.1/i586/krb5-pkinit-openssl-1.8.1-5.3mdv2010.2.i586.rpm
 b690a8719f533a29ae7f92397b8c89fd  2010.1/i586/krb5-server-1.8.1-5.3mdv2010.2.i586.rpm
 60cf99234bd79802947425404eb4493b  2010.1/i586/krb5-server-ldap-1.8.1-5.3mdv2010.2.i586.rpm
 adab88a879966d2a0daf4d17bfd288fc  2010.1/i586/krb5-workstation-1.8.1-5.3mdv2010.2.i586.rpm
 a481d252c831d40de9d7ccf00403105e  2010.1/i586/libkrb53-1.8.1-5.3mdv2010.2.i586.rpm
 b031d51a205194decf50c5187e0d0e50  2010.1/i586/libkrb53-devel-1.8.1-5.3mdv2010.2.i586.rpm 
 a2e5bcabf3633d6f32c214b03f1252eb  2010.1/SRPMS/krb5-1.8.1-5.3mdv2010.2.src.rpm

2010.1 x86_64

 586ecee11e45dc3266f172a58169a945  2010.1/x86_64/krb5-1.8.1-5.3mdv2010.2.x86_64.rpm
 d9418b6bfe4aff10c9de32d08a4cd4fc  2010.1/x86_64/krb5-pkinit-openssl-1.8.1-5.3mdv2010.2.x86_64.rpm
 31a9d6629d25eea120fbd11853e25e0c  2010.1/x86_64/krb5-server-1.8.1-5.3mdv2010.2.x86_64.rpm
 7fd34307e298b4f47970d3c77851ecdb  2010.1/x86_64/krb5-server-ldap-1.8.1-5.3mdv2010.2.x86_64.rpm
 42552d1978fc6e66c3d7138da59b103d  2010.1/x86_64/krb5-workstation-1.8.1-5.3mdv2010.2.x86_64.rpm
 362506d043aa087dcb743a0a3aa4f687  2010.1/x86_64/lib64krb53-1.8.1-5.3mdv2010.2.x86_64.rpm
 f5f376d22fe98cdb7ec542c9a917873a  2010.1/x86_64/lib64krb53-devel-1.8.1-5.3mdv2010.2.x86_64.rpm 
 a2e5bcabf3633d6f32c214b03f1252eb  2010.1/SRPMS/krb5-1.8.1-5.3mdv2010.2.src.rpm

Referenzen