krb5-1.8.2-3.AXS4.4

エラータID: AXSA:2011-37:01

リリース日: 
2011/02/22 Tuesday - 15:47
題名: 
krb5-1.8.2-3.AXS4.4
影響のあるチャネル: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords.
Security issues fixed with this release:
CVE-2010-4022
The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process exits abnormally, which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.
CVE-2011-0281
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a n sequence.
CVE-2011-0282
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.

解決策: 

Update packages.

CVE: 
CVE-2010-4022
The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.
CVE-2011-0281
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
CVE-2011-0282
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.




追加情報: 

N/A

ダウンロード: 

SRPMS
  1. krb5-1.8.2-3.AXS4.4.src.rpm
    MD5: c6089d70070c46f92b0f2a00795df03e
    SHA-256: b1b709e18dc4d0060f99ead552e6a56b87a3d9dcd4701954986db2a0fee861f2
    Size: 11.95 MB

Asianux Server 4 for x86
  1. krb5-devel-1.8.2-3.AXS4.4.i686.rpm
    MD5: f34f04881c12f889fa00fae76b7fb0bc
    SHA-256: 6aaa9646e125f46381d50c4295c387ca050a580e3eed8eaa296f5bbc0aa9e3be
    Size: 1.17 MB
  2. krb5-libs-1.8.2-3.AXS4.4.i686.rpm
    MD5: 88d6fc5d2dfb9b9f9058db8b3d6be64e
    SHA-256: f7812c7989f76152df92d4491906aaf7c50673b625bac51cdb30bcd871c896e9
    Size: 689.13 kB
  3. krb5-pkinit-openssl-1.8.2-3.AXS4.4.i686.rpm
    MD5: 84f8fc7aa1c37eeb58472f8418846638
    SHA-256: dcd0fa5e04281d14ef94f34a999c486cd81fee4e2b8d158e1971324e2b13ba9e
    Size: 98.30 kB
  4. krb5-server-1.8.2-3.AXS4.4.i686.rpm
    MD5: a8a07ab17f78789b7eb4c89c610e58b1
    SHA-256: 1070b6931a31ef2e824b65de7e28f3bf19f9b1de8a18dfe01eefcfcceca704bc
    Size: 896.03 kB
  5. krb5-server-ldap-1.8.2-3.AXS4.4.i686.rpm
    MD5: 615b006d82a99d8b91a66b25ea82737d
    SHA-256: 299c73c3365745c98d685d145a086a09a8794a5143312c788f51535eccc7136e
    Size: 133.17 kB
  6. krb5-workstation-1.8.2-3.AXS4.4.i686.rpm
    MD5: 53a26df00ebe92b908a2f6b8703f12ba
    SHA-256: 9c3e8d1d9e7dfe16de01d1eb32ea36527abf76da0890951b80dad9fcc309e64d
    Size: 386.16 kB

Asianux Server 4 for x86_64
  1. krb5-devel-1.8.2-3.AXS4.4.x86_64.rpm
    MD5: 61e4c1f92501cf1358e738aafdcb93d5
    SHA-256: 3aecedb440d6fb2cceb56614bebadab1a003516f9fee1839af344d03626a9092
    Size: 1.17 MB
  2. krb5-libs-1.8.2-3.AXS4.4.x86_64.rpm
    MD5: 7750705ba71db167743225c28d3b7bf0
    SHA-256: 00f9bc5e99355506d9c9cb79bf944228e1f303de599aaddd3b33d77a2b962aba
    Size: 683.05 kB
  3. krb5-pkinit-openssl-1.8.2-3.AXS4.4.x86_64.rpm
    MD5: 35e5521202e535b65ce18e35776e7257
    SHA-256: e64a3d9cc9c1dd538498458730a11bd1aafc4ddebdf1a55d63c8208a9476393e
    Size: 97.83 kB
  4. krb5-server-1.8.2-3.AXS4.4.x86_64.rpm
    MD5: 5259374e6af288c4f6eeddfbeb2d2625
    SHA-256: 5139528367e12b3115844c86abc5a248e6647948e6a8b3280693adce8fe8f37e
    Size: 901.88 kB
  5. krb5-server-ldap-1.8.2-3.AXS4.4.x86_64.rpm
    MD5: a37f0e68fff8fa4c8ee4a18ca72c91c9
    SHA-256: fd6c0acef199416f95ba7db191dcebcd8d9f772190a10b99145552d2235c93f1
    Size: 133.11 kB
  6. krb5-workstation-1.8.2-3.AXS4.4.x86_64.rpm
    MD5: f007ff8bdf940c3502438d9c4aeeee75
    SHA-256: e64ed521bfc52ff338d5f1b055fb44062514589b467c526ee1c725e425138eb3
    Size: 388.27 kB
  7. krb5-devel-1.8.2-3.AXS4.4.i686.rpm
    MD5: f34f04881c12f889fa00fae76b7fb0bc
    SHA-256: 6aaa9646e125f46381d50c4295c387ca050a580e3eed8eaa296f5bbc0aa9e3be
    Size: 1.17 MB
  8. krb5-libs-1.8.2-3.AXS4.4.i686.rpm
    MD5: 88d6fc5d2dfb9b9f9058db8b3d6be64e
    SHA-256: f7812c7989f76152df92d4491906aaf7c50673b625bac51cdb30bcd871c896e9
    Size: 689.13 kB
  9. krb5-server-ldap-1.8.2-3.AXS4.4.i686.rpm
    MD5: 615b006d82a99d8b91a66b25ea82737d
    SHA-256: 299c73c3365745c98d685d145a086a09a8794a5143312c788f51535eccc7136e
    Size: 133.17 kB