krb5-1.9-33.AXS4.2
Errata ID: AXSA:2012-836:04
Release date:
2012/09/11 Tuesday - 14:07
Title:
krb5-1.9-33.AXS4.2
Affected channels:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
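The following issues have been addressed.
[Security Fix]
- The kdc_handle_protected_negotiation function in the krb5 Key Distribution Center (KDC) attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows a remote attacker to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, daemon crash) via a crafted AS-REQ request. (CVE-2012-1015)
Some of the CVE translations are quoted from JVN.
http://jvndb.jvn.jp
Solution:
Update the packages.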
CVE:
CVE-2012-1013
The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a denial of service (NULL pointer dereference and daemon crash) via a KRB5_KDB_DISALLOW_ALL_TIX create request that lacks a password.
CVE-2012-1015
The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.
Additional information:
N/A
Downloads:
SRPMS
- krb5-1.9-33.AXS4.2.src.rpm
MD5: 63b52e651a379f2f7da79d08554dc2d5
SHA-256: d435cd341ed870edde001e45370aefc7c823ad575658affeaffee324dd97e78b
Size: 12.22 MB
Asianux Server 4 for x86
- krb5-devel-1.9-33.AXS4.2.i686.rpm
MD5: 7f9215e15369286c8a2fab3ed2ff339d
SHA-256: c7ae004e71feaf3d7514162f6db156b2954d805bbfafd039f4550ff055a92d77
Size: 1.19 MB
- krb5-libs-1.9-33.AXS4.2.i686.rpm
MD5: 7b1a59860a9a09ef98e5c373a1f891fb
SHA-256: 8398fd9001db45ce5e86a08ecf8cc0a09e8b1d2e873622ad62a1a4f84a6e2062
Size: 719.24 kB
- krb5-pkinit-openssl-1.9-33.AXS4.2.i686.rpm
MD5: 74a3112287e51d97fedec28cc46a5c05
SHA-256: 6843080f4011263ed99f849214cf11b136b6cc068c63a080c9a5bcedb3ac0c17
Size: 107.50 kB
- krb5-server-1.9-33.AXS4.2.i686.rpm
MD5: d298a117e445c42a50fedd8e99d3a5cc
SHA-256: ed9f39ff6a7585e61fd2514bf87838f9b3ad58450d4f79cdcf2a8d988e35a640
Size: 941.78 kB
- krb5-server-ldap-1.9-33.AXS4.2.i686.rpm
MD5: 5dc70db0bc0685c0830355c94bfdd616
SHA-256: 2ab987f3d3953ee62b111923a884b871626a65bb042b3dda1f6d19589e2af25a
Size: 141.46 kB
- krb5-workstation-1.9-33.AXS4.2.i686.rpm
MD5: 4c3768fb9e78c474cd5fc940ed076fdc
SHA-256: 59a7e86a31e02f7049d71a4329de19a89d9169b6ece8698bf6ef03ede136a580
Size: 411.11 kB
Asianux Server 4 for x86_64
- krb5-devel-1.9-33.AXS4.2.x86_64.rpm
MD5: 3fd9d558f07d6d7a802161ae32ebfa6b
SHA-256: 69125500dae184853648172dd90084d3242b7754a870d0b423d5da9e42740450
Size: 1.19 MB
- krb5-libs-1.9-33.AXS4.2.x86_64.rpm
MD5: a81f7775600859161b4c11a883277c89
SHA-256: a614031e16c12d64b4a0f389fcecb135afeb520bc94e7ca4cdef856cb7e681cc
Size: 711.39 kB
- krb5-pkinit-openssl-1.9-33.AXS4.2.x86_64.rpm
MD5: 69693b55937a5fc03538db64b4266103
SHA-256: dd0dbaaba5a927faa7205e4f3df6ef9e750c65f0ef707eeb8371a884f453a17d
Size: 106.87 kB
- krb5-server-1.9-33.AXS4.2.x86_64.rpm
MD5: bce05d4eb3d32f182dcaea00003defce
SHA-256: 67aaca65ad72686b2ea2da08c4d633b0587302558ac0d13777ecbee09f316f3c
Size: 945.72 kB
- krb5-server-ldap-1.9-33.AXS4.2.x86_64.rpm
MD5: a146cf45ff802d86499a0d5cdfd93d40
SHA-256: dda02c45ad097214c3ffd141b75a9dc1754c046f9cdb1274f6a757a77a1dfde8
Size: 141.44 kB
- krb5-workstation-1.9-33.AXS4.2.x86_64.rpm
MD5: 90cddffc46a35eaf882061df1101fa1a
SHA-256: b623fa7f1468f9c8c2711210acf68e30835e8c9a3fbe20aeef044575e6f1b94e
Size: 412.98 kB
- krb5-devel-1.9-33.AXS4.2.i686.rpm
MD5: 7f9215e15369286c8a2fab3ed2ff339d
SHA-256: c7ae004e71feaf3d7514162f6db156b2954d805bbfafd039f4550ff055a92d77
Size: 1.19 MB
- krb5-libs-1.9-33.AXS4.2.i686.rpm
MD5: 7b1a59860a9a09ef98e5c373a1f891fb
SHA-256: 8398fd9001db45ce5e86a08ecf8cc0a09e8b1d2e873622ad62a1a4f84a6e2062
Size: 719.24 kB
- krb5-server-ldap-1.9-33.AXS4.2.i686.rpm
MD5: 5dc70db0bc0685c0830355c94bfdd616
SHA-256: 2ab987f3d3953ee62b111923a884b871626a65bb042b3dda1f6d19589e2af25a
Size: 141.46 kB