MDKSA-2007:077
- Package name
- krb5
- Date
- 2007-04-04
- Advisory ID
- MDKSA-2007:077
- Affected versions
- CS4.0 x86_64, MNF2.0 i586, 2006.0 i586, 2007.0 x86_64, 2007.0 i586, CS3.0 x86_64, CS4.0 i586, CS3.0 i586, 2006.0 x86_64
Problem description
A vulnerability was found in the username handling of the MIT krb5
telnet daemon. A remote attacker who could access the telnet port
of a target machine could log in as root without requiring a password
(CVE-2007-0956).

Buffer overflows in the kadmin server daemon were discovered that could
be exploited by a remote attacker able to access the KDC. Successful
exploitation could allow for the execution of arbitrary code with the
privileges of the KDC or kadmin server processes (CVE-2007-0957).

Finally, a double-free flaw was discovered in the GSSAPI library used
by the kadmin server daemon, which could lead to a denial of service
condition or the execution of arbitrary code with the privileges of
the KDC or kadmin server processes (CVE-2007-1216).

Updated packages have been patched to address these issues.
Updated packages
CS4.0 x86_64
- d4b0719081f93a1806868f24f8100b0c corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm
- ee3b47806dd47f634b97b0dba99f80f2 corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm
- 64d9d4d773b6aed752db77ec282d7c3e corporate/4.0/x86_64/krb5-server-1.4.3-5.2.20060mlcs4.x86_64.rpm
- 62426e65d7b5662f27c185a92f353c98 corporate/4.0/x86_64/krb5-workstation-1.4.3-5.2.20060mlcs4.x86_64.rpm
- 65f8e462a0333caec9512aabe944d9ab corporate/4.0/x86_64/lib64krb53-1.4.3-5.2.20060mlcs4.x86_64.rpm
- 811fbfdcfa723937dbfc2af3670baa70 corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.2.20060mlcs4.x86_64.rpm
- 6b2c5735bcc66849bbae68cfae669535 corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm
- e4fb528ecf1d98fdae0d76c873d6b88f corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm
- e646f77683f9ebc6591be949bc8208bc corporate/4.0/SRPMS/krb5-1.4.3-5.2.20060mlcs4.src.rpm
MNF2.0 i586
- eec7136889615016b562fcf56cd38202 mnf/2.0/i586/libkrb51-1.3-6.8.M20mdk.i586.rpm
- b64b6185d2a648f74b2f024acf4bab01 mnf/2.0/SRPMS/krb5-1.3-6.8.M20mdk.src.rpm
2006.0 i586
- f76875e9839deaf87628a3c7e0a81632 2006.0/i586/ftp-client-krb5-1.4.2-2.2.20060mdk.i586.rpm
- d2448392e0c350d3ca488d2e73e57f6d 2006.0/i586/ftp-server-krb5-1.4.2-2.2.20060mdk.i586.rpm
- 42e6330603ecaed04ea0649f7050a4c1 2006.0/i586/krb5-server-1.4.2-2.2.20060mdk.i586.rpm
- adadd1cad1f1bc5f01809a508d2b8fd1 2006.0/i586/krb5-workstation-1.4.2-2.2.20060mdk.i586.rpm
- ab8987522600f8e629901563e3be90c2 2006.0/i586/libkrb53-1.4.2-2.2.20060mdk.i586.rpm
- 7d70bb7bb821c3e91e9d062330528815 2006.0/i586/libkrb53-devel-1.4.2-2.2.20060mdk.i586.rpm
- f4104abdc22e16574bcddde0a178d935 2006.0/i586/telnet-client-krb5-1.4.2-2.2.20060mdk.i586.rpm
- 110f54ead0abc486faa1f2b47057122b 2006.0/i586/telnet-server-krb5-1.4.2-2.2.20060mdk.i586.rpm
- 8cc03b4b7cc34cb3c2b53e4f9f9b73dd 2006.0/SRPMS/krb5-1.4.2-2.2.20060mdk.src.rpm
2007.0 x86_64
- 02a5ebc046e0cb9133162ce621fb3b1f 2007.0/x86_64/ftp-client-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
- 0a2b6ae87af0ed4ec445b65531d3408a 2007.0/x86_64/ftp-server-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
- e2958d861bb45c52be5cad5bbf08ef35 2007.0/x86_64/krb5-server-1.4.3-6.1mdv2007.0.x86_64.rpm
- fac1f28b2c5a2065ffa772e2e1cb6d70 2007.0/x86_64/krb5-workstation-1.4.3-6.1mdv2007.0.x86_64.rpm
- 36bcd1fb2e859c637256680ca4fc468b 2007.0/x86_64/lib64krb53-1.4.3-6.1mdv2007.0.x86_64.rpm
- 7d936ed2b1441714205e987bd63a2ec5 2007.0/x86_64/lib64krb53-devel-1.4.3-6.1mdv2007.0.x86_64.rpm
- 4754b9b3ce36cad7d3dfa852a03d7fe0 2007.0/x86_64/telnet-client-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
- 71832a8dcf70b4e46b0bb9bc3343860d 2007.0/x86_64/telnet-server-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm
- 87c94334c61bc67e3ef95e930ee72149 2007.0/SRPMS/krb5-1.4.3-6.1mdv2007.0.src.rpm
2007.0 i586
- 6dfbc8eef1479cce19c957bbed4457aa 2007.0/i586/ftp-client-krb5-1.4.3-6.1mdv2007.0.i586.rpm
- 54ff3fe8a117603f8700e96f34a1b33a 2007.0/i586/ftp-server-krb5-1.4.3-6.1mdv2007.0.i586.rpm
- 2caf0205301d01a6be4ad1506944ba39 2007.0/i586/krb5-server-1.4.3-6.1mdv2007.0.i586.rpm
- b7b4a4f4b1fa356ca6468ffece1dfce8 2007.0/i586/krb5-workstation-1.4.3-6.1mdv2007.0.i586.rpm
- ab253c6ad6ecd7c15c1d150f5ed34091 2007.0/i586/libkrb53-1.4.3-6.1mdv2007.0.i586.rpm
- f192ef28bb37286be1e291761d3ced9c 2007.0/i586/libkrb53-devel-1.4.3-6.1mdv2007.0.i586.rpm
- d208fcaa1c5069c657815061ed3b2687 2007.0/i586/telnet-client-krb5-1.4.3-6.1mdv2007.0.i586.rpm
- 0f95ea728eca0962591d142c74238700 2007.0/i586/telnet-server-krb5-1.4.3-6.1mdv2007.0.i586.rpm
- 87c94334c61bc67e3ef95e930ee72149 2007.0/SRPMS/krb5-1.4.3-6.1mdv2007.0.src.rpm
CS3.0 x86_64
- effb08ab8684a97a591c8112d146e827 corporate/3.0/x86_64/ftp-client-krb5-1.3-6.8.C30mdk.x86_64.rpm
- 110e5a4422f57c7c7db46967f265ed20 corporate/3.0/x86_64/ftp-server-krb5-1.3-6.8.C30mdk.x86_64.rpm
- a178af307e6c416bb77b9dc45ff49ac6 corporate/3.0/x86_64/krb5-server-1.3-6.8.C30mdk.x86_64.rpm
- b84aab804554143cf1a9ce511a42a81a corporate/3.0/x86_64/krb5-workstation-1.3-6.8.C30mdk.x86_64.rpm
- a122ef49d58a704d321297eea594b3f6 corporate/3.0/x86_64/lib64krb51-1.3-6.8.C30mdk.x86_64.rpm
- b68729b8c2d401fec19beb5ad68006e7 corporate/3.0/x86_64/lib64krb51-devel-1.3-6.8.C30mdk.x86_64.rpm
- 63482694130642c1e156054e9a944d3a corporate/3.0/x86_64/telnet-client-krb5-1.3-6.8.C30mdk.x86_64.rpm
- 52c1eada2b3104f8387f2b5eee0c5e92 corporate/3.0/x86_64/telnet-server-krb5-1.3-6.8.C30mdk.x86_64.rpm
- b76e0f3069504ba96ed29c13f8f8d9b6 corporate/3.0/SRPMS/krb5-1.3-6.8.C30mdk.src.rpm
CS4.0 i586
- 0b6d63d25604e886c74688f5189e3d99 corporate/4.0/i586/ftp-client-krb5-1.4.3-5.2.20060mlcs4.i586.rpm
- 8f0ddc6328ca242f74d1238d7c42a097 corporate/4.0/i586/ftp-server-krb5-1.4.3-5.2.20060mlcs4.i586.rpm
- 50f2d47b6c02cff492bb0a39073f9ad4 corporate/4.0/i586/krb5-server-1.4.3-5.2.20060mlcs4.i586.rpm
- dc869f11fab9a71c5970fa7b574276bf corporate/4.0/i586/krb5-workstation-1.4.3-5.2.20060mlcs4.i586.rpm
- 2961482510210a3ceec020566b4fd370 corporate/4.0/i586/libkrb53-1.4.3-5.2.20060mlcs4.i586.rpm
- 49954e190e4e672b5437d36a4d9befaa corporate/4.0/i586/libkrb53-devel-1.4.3-5.2.20060mlcs4.i586.rpm
- 204894da33e23e65f71b73dc538262da corporate/4.0/i586/telnet-client-krb5-1.4.3-5.2.20060mlcs4.i586.rpm
- ae51fdd37d52903ecc548fa7b66f0129 corporate/4.0/i586/telnet-server-krb5-1.4.3-5.2.20060mlcs4.i586.rpm
- e646f77683f9ebc6591be949bc8208bc corporate/4.0/SRPMS/krb5-1.4.3-5.2.20060mlcs4.src.rpm
CS3.0 i586
- 02c99157c7a70bcf69309e4ef15dd886 corporate/3.0/i586/ftp-client-krb5-1.3-6.8.C30mdk.i586.rpm
- 3f58daeaaed40d88f74507049966df22 corporate/3.0/i586/ftp-server-krb5-1.3-6.8.C30mdk.i586.rpm
- 3703251ed231c0df3bc0d2477ef77f6a corporate/3.0/i586/krb5-server-1.3-6.8.C30mdk.i586.rpm
- ff9ca353c32ed0c0a655ef9a4179c751 corporate/3.0/i586/krb5-workstation-1.3-6.8.C30mdk.i586.rpm
- de0c33d4bc2fc6b61d365f91e366bd67 corporate/3.0/i586/libkrb51-1.3-6.8.C30mdk.i586.rpm
- 5fac8b79343bef871b450524682b5c68 corporate/3.0/i586/libkrb51-devel-1.3-6.8.C30mdk.i586.rpm
- 4a0216e5afa5ec83523e5cfdcd6fda24 corporate/3.0/i586/telnet-client-krb5-1.3-6.8.C30mdk.i586.rpm
- ae5eed1f6591a785f4093924d98d640f corporate/3.0/i586/telnet-server-krb5-1.3-6.8.C30mdk.i586.rpm
- b76e0f3069504ba96ed29c13f8f8d9b6 corporate/3.0/SRPMS/krb5-1.3-6.8.C30mdk.src.rpm
2006.0 x86_64
- 0f2d7c3fc50552aa586dd6c5b12a5b85 2006.0/x86_64/ftp-client-krb5-1.4.2-2.2.20060mdk.x86_64.rpm
- bbd94e005c67b4b94cf544b736028416 2006.0/x86_64/ftp-server-krb5-1.4.2-2.2.20060mdk.x86_64.rpm
- f406f21d7b210ae6d489c77c15d34a60 2006.0/x86_64/krb5-server-1.4.2-2.2.20060mdk.x86_64.rpm
- 9d00284ec202ed44e63266698a1d85e6 2006.0/x86_64/krb5-workstation-1.4.2-2.2.20060mdk.x86_64.rpm
- 8ca28a4cc9eb7f292a1d73b975740fab 2006.0/x86_64/lib64krb53-1.4.2-2.2.20060mdk.x86_64.rpm
- 565b9a19c5cf7b94dcf28e1bc1e21d2e 2006.0/x86_64/lib64krb53-devel-1.4.2-2.2.20060mdk.x86_64.rpm
- 5c931d032ce9d3ed91a4e4b04f20bfb8 2006.0/x86_64/telnet-client-krb5-1.4.2-2.2.20060mdk.x86_64.rpm
- 27b39ae245a43322d4abbb4191da56ac 2006.0/x86_64/telnet-server-krb5-1.4.2-2.2.20060mdk.x86_64.rpm
- 8cc03b4b7cc34cb3c2b53e4f9f9b73dd 2006.0/SRPMS/krb5-1.4.2-2.2.20060mdk.src.rpm
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
- http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-001-telnetd.txt
- http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-002-syslog.txt
- http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-003.txt
