krb5-1.5-29
Errata ID: AXSA:2007-01:01
Release date:
2007/09/20 Thursday - 12:15
Title:
krb5-1.5-29
Affected channels:
Asianux Server 3 for ia64
Asianux Server 3 for ppc
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity:
High
Description:
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.
A stack buffer overflow flaw was discovered in the RPC library used by
kadmind. An unauthenticated remote user may be able to cause a host
running kadmind to execute arbitrary code. (CVE-2007-3999)
An uninitialized pointer flaw was discovered in kadmind. An
authenticated user with the "modify policy" privilege may be able to
cause a host running kadmind to execute arbitrary code. (CVE-2007-4000)
Solution:
Please update the packages. After the update, restart kadmind (and any
third-party service linked against librpcsecgss) so that running processes
pick up the fixed library. Because CVE-2007-3999 is reachable without
authentication, hosts that expose the kadmin service should be updated first.
CVE:
CVE-2007-3999
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.
CVE-2007-4000
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.
Additional information:
None.
Download:
Asianux Server 3 for x86
- krb5-devel-1.5-29.i386.rpm
MD5: 6de08d0a705ccba5725d5aae9d613879
SHA-256: abb531addfe6f1c9bd759f43b264963732adefe6cc5d66dee899625c2aa409f0
Size: 1.74 MB
- krb5-libs-1.5-29.i386.rpm
MD5: 849b8bd1a03fc585c2c1c5a4f400d086
SHA-256: 85198351fb856d831f3c887f85b97fb6d4c0457ce76c1f2de9d6754302ae800c
Size: 593.42 kB
- krb5-server-1.5-29.i386.rpm
MD5: ecf14974223906ee39625b578b0c5831
SHA-256: 21ed6e1c1f14944f0a66435099f95456dad5fb907d203b65b3d4dede8dc810db
Size: 0.99 MB
- krb5-workstation-1.5-29.i386.rpm
MD5: c43af7a74f35d39c8e11fbbaba6010a6
SHA-256: 6c41f771de77081e8c2ea35bf658da13b81bfb4982d72e5188b4d5ea6313dd98
Size: 845.80 kB
Asianux Server 3 for x86_64
- krb5-devel-1.5-29.x86_64.rpm
MD5: 5ee0609c1c59f1066ae784d7d0418d11
SHA-256: f94abc9fb59ba3e3215f1f48d428b54d83b5ebd5f158d4d6daeb2485599372a0
Size: 1.76 MB
- krb5-libs-1.5-29.x86_64.rpm
MD5: d1a160e65d15a9608085f34b9a6f08eb
SHA-256: 7199295d6483ccb00dd7b344799e61e6a4d3b17ca94d083e893dac118a5bd3ed
Size: 598.77 kB
- krb5-server-1.5-29.x86_64.rpm
MD5: 00fcaaaceefabb04347538e663886be0
SHA-256: dbdb1454a3458ec5527a525ac13a4b0b66abe4b4767a188eb754801524eaabd2
Size: 1.00 MB
- krb5-workstation-1.5-29.x86_64.rpm
MD5: fca09b3d89820052fd0e178cc83039bc
SHA-256: 69d1238231f8b32bab874d8a5cfafc7e779ad8e367d5f97fb5e3f4bf0c1e8d5c
Size: 862.81 kB
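The following script is an added example for checking this errata on a host; it is not part of the Asianux advisory or of MIT krb5. It assumes that the installed package version-release strings are purely numeric in the form shown above (1.5-29) and that sha256sum or shasum is on the PATH. The SHA-256 table is copied from the download list on this page; the ia64 and ppc channels are listed as affected but have no hashes on this page, so they are not in the table.

```shell
#!/bin/sh
# Added example, not part of the Asianux advisory: report which installed krb5
# packages are older than the fixed build (1.5-29) and verify downloaded RPMs
# against the SHA-256 values listed in the advisory.

FIXED_VERSION="1.5-29"

# Compare two numeric version-release strings such as "1.5-28" and "1.5-29".
# Fields are split on '.' and '-' and compared as integers; a missing trailing
# field counts as 0. Prints -1, 0 or 1 for a < b, a == b, a > b.
# Assumption: releases carry no alphabetic dist tag (the advisory shows none).
vercmp() {
    a=$(printf '%s' "$1" | sed 's/[.-]/ /g')
    b=$(printf '%s' "$2" | sed 's/[.-]/ /g')
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%% *}; if [ "$x" = "$a" ]; then a=''; else a=${a#* }; fi
        y=${b%% *}; if [ "$y" = "$b" ]; then b=''; else b=${b#* }; fi
        if [ "${x:-0}" -lt "${y:-0}" ]; then printf '%s\n' -1; return 0; fi
        if [ "${x:-0}" -gt "${y:-0}" ]; then printf '%s\n' 1; return 0; fi
    done
    printf '%s\n' 0
}

# Exit 0 when the given installed version-release is older than the fix.
needs_update() {
    [ "$(vercmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# SHA-256 values for the x86 and x86_64 packages, copied from the advisory.
expected_sha256() {
    case "$1" in
        krb5-devel-1.5-29.i386.rpm)         echo abb531addfe6f1c9bd759f43b264963732adefe6cc5d66dee899625c2aa409f0 ;;
        krb5-libs-1.5-29.i386.rpm)          echo 85198351fb856d831f3c887f85b97fb6d4c0457ce76c1f2de9d6754302ae800c ;;
        krb5-server-1.5-29.i386.rpm)        echo 21ed6e1c1f14944f0a66435099f95456dad5fb907d203b65b3d4dede8dc810db ;;
        krb5-workstation-1.5-29.i386.rpm)   echo 6c41f771de77081e8c2ea35bf658da13b81bfb4982d72e5188b4d5ea6313dd98 ;;
        krb5-devel-1.5-29.x86_64.rpm)       echo f94abc9fb59ba3e3215f1f48d428b54d83b5ebd5f158d4d6daeb2485599372a0 ;;
        krb5-libs-1.5-29.x86_64.rpm)        echo 7199295d6483ccb00dd7b344799e61e6a4d3b17ca94d083e893dac118a5bd3ed ;;
        krb5-server-1.5-29.x86_64.rpm)      echo dbdb1454a3458ec5527a525ac13a4b0b66abe4b4767a188eb754801524eaabd2 ;;
        krb5-workstation-1.5-29.x86_64.rpm) echo 69d1238231f8b32bab874d8a5cfafc7e779ad8e367d5f97fb5e3f4bf0c1e8d5c ;;
        *) return 1 ;;
    esac
}

# Hash a file with whichever tool is present (sha256sum on Linux, shasum elsewhere).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Exit 0 when the file's SHA-256 equals the expected digest.
verify_sha256() {
    [ "$(file_sha256 "$1")" = "$2" ]
}

# Verify a downloaded RPM against the advisory's SHA-256 (the MD5 is listed too,
# but SHA-256 is the digest worth relying on). Exit 2 if the name is unknown.
verify_download() {
    name=$(basename "$1")
    expected=$(expected_sha256 "$name") || { echo "no advisory hash for $name" >&2; return 2; }
    verify_sha256 "$1" "$expected"
}

# On a host with rpm, report which krb5 packages still need this update.
if command -v rpm >/dev/null 2>&1; then
    for pkg in krb5-libs krb5-server krb5-workstation krb5-devel; do
        installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}' "$pkg" 2>/dev/null) || continue
        if needs_update "$installed"; then
            echo "$pkg $installed: vulnerable, update to $FIXED_VERSION"
        else
            echo "$pkg $installed: fixed"
        fi
    done
fi

# Any RPM paths passed on the command line are checked against the hash table.
for f in "$@"; do
    if verify_download "$f"; then echo "OK  $f"; else echo "BAD $f"; fi
done
```

Run it with the downloaded RPM paths as arguments, e.g. `sh check-krb5.sh krb5-server-1.5-29.x86_64.rpm`; the version check runs on its own wherever rpm is available. Remember that a passing package check says nothing about the kadmind process already in memory, which keeps the old library until it is restarted.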