MDKSA-2007:077-1

Package name

krb5

Date

2007-04-10

Advisory ID

MDKSA-2007:077-1

Affected versions

2007.1 i586 , 2007.1 x86_64

Problem description

A vulnerability was found in the username handling of the MIT krb5
telnet daemon. A remote attacker that could access the telnet port
of a target machine could login as root without requiring a password
(CVE-2007-0956).

Buffer overflows in the kadmin server daemon were discovered that could
be exploited by a remote attacker able to access the KDC. Successful
exploitation could allow for the execution of arbitrary code with
the privileges of the KDC or kadmin server processes (CVE-2007-0957).

Finally, a double-free flaw was discovered in the GSSAPI library used
by the kadmin server daemon, which could lead to a denial of service
condition or the execution of arbitrary code with the privileges of
the KDC or kadmin server processes (CVE-2007-1216).

Updated packages have been patched to address this issue.

Update:

Packages for Mandriva Linux 2007.1 are now available.

Updated packages

2007.1 i586

 5eae0ebe3be9e580c1c19ee041c9d72f  2007.1/i586/ftp-client-krb5-1.5.2-6.1mdv2007.1.i586.rpm
 83dd6a9c403f9ea3bc32a40a64c98fbf  2007.1/i586/ftp-server-krb5-1.5.2-6.1mdv2007.1.i586.rpm
 7fc832a70c77923aeec52cd309ee9c6f  2007.1/i586/krb5-server-1.5.2-6.1mdv2007.1.i586.rpm
 e54a01775aa24a1d9a08090b62b59a6c  2007.1/i586/krb5-workstation-1.5.2-6.1mdv2007.1.i586.rpm
 cfeabf699713ff757eb646ab681a6acc  2007.1/i586/libkrb53-1.5.2-6.1mdv2007.1.i586.rpm
 c3bf54b449ec81b27a7ca5a41dff9a7a  2007.1/i586/libkrb53-devel-1.5.2-6.1mdv2007.1.i586.rpm
 801cd83b96ebcd8f3ca425543f1f63a5  2007.1/i586/telnet-client-krb5-1.5.2-6.1mdv2007.1.i586.rpm
 0568ed507d58f76302071b197d9523cc  2007.1/i586/telnet-server-krb5-1.5.2-6.1mdv2007.1.i586.rpm 
 5e774ba6ce43122995ac39c43164d092  2007.1/SRPMS/krb5-1.5.2-6.1mdv2007.1.src.rpm

2007.1 x86_64

 392287e6ad669fd9321a9de1c85796d8  2007.1/x86_64/ftp-client-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm
 68349333c7611dee78c814ea4fc2d9f2  2007.1/x86_64/ftp-server-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm
 a651024d2b42bc67033287e6795db6b5  2007.1/x86_64/krb5-server-1.5.2-6.1mdv2007.1.x86_64.rpm
 28cd0236420330bb839b8e39ef2949c2  2007.1/x86_64/krb5-workstation-1.5.2-6.1mdv2007.1.x86_64.rpm
 690eb27a9d90ab5319f70ea8f7326be4  2007.1/x86_64/lib64krb53-1.5.2-6.1mdv2007.1.x86_64.rpm
 058d267b757c9ba63200e26f258100c3  2007.1/x86_64/lib64krb53-devel-1.5.2-6.1mdv2007.1.x86_64.rpm
 d1bed5a3c84f0cc3e96d4760faa33477  2007.1/x86_64/telnet-client-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm
 ee1b6269c10f066d8fbd6ee2d0c2c818  2007.1/x86_64/telnet-server-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm 
 5e774ba6ce43122995ac39c43164d092  2007.1/SRPMS/krb5-1.5.2-6.1mdv2007.1.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
• http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-001-telnetd.txt
• http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-002-syslog.txt
• http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-003.txt