Home / vulnerabilities MDKSA-2007-077-1.txt
Posted on 11 April 2007
Source : packetstormsecurity.org Link
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2007:077-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : krb5
Date : April 10, 2007
Affected: 2007.1
_______________________________________________________________________
Problem Description:
A vulnerability was found in the username handling of the MIT krb5
telnet daemon. A remote attacker that could access the telnet port
of a target machine could login as root without requiring a password
(CVE-2007-0956).
Buffer overflows in the kadmin server daemon were discovered that could
be exploited by a remote attacker able to access the KDC. Successful
exploitation could allow for the execution of arbitrary code with
the privileges of the KDC or kadmin server processes (CVE-2007-0957).
Finally, a double-free flaw was discovered in the GSSAPI library used
by the kadmin server daemon, which could lead to a denial of service
condition or the execution of arbitrary code with the privileges of
the KDC or kadmin server processes (CVE-2007-1216).
Updated packages have been patched to address this issue.
Update:
Packages for Mandriva Linux 2007.1 are now available.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-001-telnetd.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-002-syslog.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-003.txt
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
5eae0ebe3be9e580c1c19ee041c9d72f 2007.1/i586/ftp-client-krb5-1.5.2-6.1mdv2007.1.i586.rpm
83dd6a9c403f9ea3bc32a40a64c98fbf 2007.1/i586/ftp-server-krb5-1.5.2-6.1mdv2007.1.i586.rpm
7fc832a70c77923aeec52cd309ee9c6f 2007.1/i586/krb5-server-1.5.2-6.1mdv2007.1.i586.rpm
e54a01775aa24a1d9a08090b62b59a6c 2007.1/i586/krb5-workstation-1.5.2-6.1mdv2007.1.i586.rpm
cfeabf699713ff757eb646ab681a6acc 2007.1/i586/libkrb53-1.5.2-6.1mdv2007.1.i586.rpm
c3bf54b449ec81b27a7ca5a41dff9a7a 2007.1/i586/libkrb53-devel-1.5.2-6.1mdv2007.1.i586.rpm
801cd83b96ebcd8f3ca425543f1f63a5 2007.1/i586/telnet-client-krb5-1.5.2-6.1mdv2007.1.i586.rpm
0568ed507d58f76302071b197d9523cc 2007.1/i586/telnet-server-krb5-1.5.2-6.1mdv2007.1.i586.rpm
5e774ba6ce43122995ac39c43164d092 2007.1/SRPMS/krb5-1.5.2-6.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
392287e6ad669fd9321a9de1c85796d8 2007.1/x86_64/ftp-client-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm
68349333c7611dee78c814ea4fc2d9f2 2007.1/x86_64/ftp-server-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm
a651024d2b42bc67033287e6795db6b5 2007.1/x86_64/krb5-server-1.5.2-6.1mdv2007.1.x86_64.rpm
28cd0236420330bb839b8e39ef2949c2 2007.1/x86_64/krb5-workstation-1.5.2-6.1mdv2007.1.x86_64.rpm
690eb27a9d90ab5319f70ea8f7326be4 2007.1/x86_64/lib64krb53-1.5.2-6.1mdv2007.1.x86_64.rpm
058d267b757c9ba63200e26f258100c3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.1mdv2007.1.x86_64.rpm
d1bed5a3c84f0cc3e96d4760faa33477 2007.1/x86_64/telnet-client-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm
ee1b6269c10f066d8fbd6ee2d0c2c818 2007.1/x86_64/telnet-server-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm
5e774ba6ce43122995ac39c43164d092 2007.1/SRPMS/krb5-1.5.2-6.1mdv2007.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGG7qamqjQ0CJFipgRAjfTAJ9K1VRtkQ2skYjvi7naSjK9eutG7QCePO6q
2lqHNQT39QthWcVG2K4h5cY=
=0Xpg
-----END PGP SIGNATURE-----