Package name
krb5
Date
2007-09-07
Advisory ID
MDKSA-2007:174-1
Affected versions
2007.0 x86_64, 2007.1 i586, 2007.0 i586, CS4.0 i586, CS4.0 x86_64, 2007.1 x86_64

Problem description

Tenable Network Security discovered a stack buffer overflow
vulnerability in the RPC library used by Kerberos' kadmind program.
A remote unauthenticated user who could access kadmind would be
able to trigger the flaw and cause kadmind to crash (CVE-2007-3999).
This issue is only applicable to Kerberos 1.4 and higher.

Garrett Wollman found an uninitialized pointer vulnerability in
kadmind which a remote unauthenticated attacker able to access
kadmind could exploit to cause kadmind to crash (CVE-2007-4000).
This issue is only applicable to Kerberos 1.5 and higher.

Update:

The MIT Kerberos Team found a problem with the originally published
patch for CVE-2007-3999. A remote unauthenticated attacker able to
access kadmind could trigger this flaw and cause kadmind to crash.

Updated packages have been patched to prevent these issues.
