krb5-1.6.1-70.AXS3.2
エラータID: AXSA:2013-533:01
Release date:
Monday, July 15, 2013 - 14:34
Subject:
krb5-1.6.1-70.AXS3.2
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form.
Security issues fixed with this release:
• CVE-2002-2443
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
Solution:
Update packages.
CVEs:
CVE-2002-2443
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
Additional Info:
N/A
Download:
SRPMS
- krb5-1.6.1-70.AXS3.2.src.rpm
MD5: 07281d6986dc6594f91075090489dd8e
SHA-256: 87146cba9d550a22592f8eac0876467b8d15cf4a61f31f03a7f234e2752e347e
Size: 15.00 MB
Asianux Server 3 for x86
- krb5-devel-1.6.1-70.AXS3.2.i386.rpm
MD5: 7c1d1abb7f19405414c8b26613a37c39
SHA-256: f11b2265cd47b145a96df5a17900705b1a85c0c5275ff9ec7049ffbc014bff22
Size: 1.86 MB - krb5-libs-1.6.1-70.AXS3.2.i386.rpm
MD5: 9c37f9669421839973f1ab9430224fe5
SHA-256: 108d9f490a47be4cbddfc147d35dd61b8d72518e9e4a6ea7b98c6c1a126c1219
Size: 670.29 kB - krb5-server-1.6.1-70.AXS3.2.i386.rpm
MD5: 600324d7ba0ff07e89ebd01ff27b333f
SHA-256: 3a721871f32163d3577424ab2afd3552aabba826dca364e429f983aa11141442
Size: 914.17 kB - krb5-workstation-1.6.1-70.AXS3.2.i386.rpm
MD5: 88f71d0c20602792f2f660c478613df2
SHA-256: 75caf9de5352e6b1ef3f36d86cd8c035bd3f7a210a24b3878133c180ace109cf
Size: 831.11 kB
Asianux Server 3 for x86_64
- krb5-devel-1.6.1-70.AXS3.2.x86_64.rpm
MD5: aef246b76d771ad88e2cbc1e0a3442e1
SHA-256: f8753b3c16185e90430139a05b9da359db81864594a3cf5718d022e71229b834
Size: 1.88 MB - krb5-libs-1.6.1-70.AXS3.2.x86_64.rpm
MD5: 48983723114fe3267edc3884ee0fdab8
SHA-256: a00be2f7311adebe7291148473845f90772543ae0ae98d0b822c81368cac0204
Size: 682.35 kB - krb5-server-1.6.1-70.AXS3.2.x86_64.rpm
MD5: df1df7110395b89b3122235a495d01e6
SHA-256: 6aed02ceb85a9afb269a518c659595ac1c40cb70377288142fc9e7f7485a9a91
Size: 922.01 kB - krb5-workstation-1.6.1-70.AXS3.2.x86_64.rpm
MD5: 410dccf755e42d7bfccebd70998daba9
SHA-256: 7fba5db86e56887fd7d5718255594af3dc6e87fdf2830d0ecbfc83ee487257a1
Size: 856.99 kB