-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2007:077-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : krb5 Date : April 10, 2007 Affected: 2007.1 _______________________________________________________________________ Problem Description: A vulnerability was found in the username handling of the MIT krb5 telnet daemon. A remote attacker that could access the telnet port of a target machine could login as root without requiring a password (CVE-2007-0956). Buffer overflows in the kadmin server daemon were discovered that could be exploited by a remote attacker able to access the KDC. Successful exploitation could allow for the execution of arbitrary code with the privileges of the KDC or kadmin server processes (CVE-2007-0957). Finally, a double-free flaw was discovered in the GSSAPI library used by the kadmin server daemon, which could lead to a denial of service condition or the execution of arbitrary code with the privileges of the KDC or kadmin server processes (CVE-2007-1216). Updated packages have been patched to address this issue. Update: Packages for Mandriva Linux 2007.1 are now available. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-001-telnetd.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-002-syslog.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-003.txt _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.1: 5eae0ebe3be9e580c1c19ee041c9d72f 2007.1/i586/ftp-client-krb5-1.5.2-6.1mdv2007.1.i586.rpm 83dd6a9c403f9ea3bc32a40a64c98fbf 2007.1/i586/ftp-server-krb5-1.5.2-6.1mdv2007.1.i586.rpm 7fc832a70c77923aeec52cd309ee9c6f 2007.1/i586/krb5-server-1.5.2-6.1mdv2007.1.i586.rpm e54a01775aa24a1d9a08090b62b59a6c 2007.1/i586/krb5-workstation-1.5.2-6.1mdv2007.1.i586.rpm cfeabf699713ff757eb646ab681a6acc 2007.1/i586/libkrb53-1.5.2-6.1mdv2007.1.i586.rpm c3bf54b449ec81b27a7ca5a41dff9a7a 2007.1/i586/libkrb53-devel-1.5.2-6.1mdv2007.1.i586.rpm 801cd83b96ebcd8f3ca425543f1f63a5 2007.1/i586/telnet-client-krb5-1.5.2-6.1mdv2007.1.i586.rpm 0568ed507d58f76302071b197d9523cc 2007.1/i586/telnet-server-krb5-1.5.2-6.1mdv2007.1.i586.rpm 5e774ba6ce43122995ac39c43164d092 2007.1/SRPMS/krb5-1.5.2-6.1mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: 392287e6ad669fd9321a9de1c85796d8 2007.1/x86_64/ftp-client-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm 68349333c7611dee78c814ea4fc2d9f2 2007.1/x86_64/ftp-server-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm a651024d2b42bc67033287e6795db6b5 2007.1/x86_64/krb5-server-1.5.2-6.1mdv2007.1.x86_64.rpm 28cd0236420330bb839b8e39ef2949c2 2007.1/x86_64/krb5-workstation-1.5.2-6.1mdv2007.1.x86_64.rpm 690eb27a9d90ab5319f70ea8f7326be4 2007.1/x86_64/lib64krb53-1.5.2-6.1mdv2007.1.x86_64.rpm 058d267b757c9ba63200e26f258100c3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.1mdv2007.1.x86_64.rpm d1bed5a3c84f0cc3e96d4760faa33477 2007.1/x86_64/telnet-client-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm ee1b6269c10f066d8fbd6ee2d0c2c818 2007.1/x86_64/telnet-server-krb5-1.5.2-6.1mdv2007.1.x86_64.rpm 5e774ba6ce43122995ac39c43164d092 2007.1/SRPMS/krb5-1.5.2-6.1mdv2007.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGG7qamqjQ0CJFipgRAjfTAJ9K1VRtkQ2skYjvi7naSjK9eutG7QCePO6q 2lqHNQT39QthWcVG2K4h5cY= =0Xpg -----END PGP SIGNATURE-----
