You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
83 lines
3.1 KiB
83 lines
3.1 KiB
<?xml version="1.0" encoding="utf-8"?>
|
|
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
|
<glsa id="200409-09">
|
|
<title>MIT krb5: Multiple vulnerabilities</title>
|
|
<synopsis>
|
|
MIT krb5 contains several double-free vulnerabilities, potentially allowing
|
|
the execution of arbitrary code, as well as a denial of service
|
|
vulnerability.
|
|
</synopsis>
|
|
<product type="ebuild">mit-krb5</product>
|
|
<announced>2004-09-06</announced>
|
|
<revised count="01">2004-09-06</revised>
|
|
<bug>62417</bug>
|
|
<access>remote</access>
|
|
<affected>
|
|
<package name="app-crypt/mit-krb5" auto="yes" arch="*">
|
|
<unaffected range="ge">1.3.4</unaffected>
|
|
<vulnerable range="lt">1.3.4</vulnerable>
|
|
</package>
|
|
</affected>
|
|
<background>
|
|
<p>
|
|
MIT krb5 is the free implementation of the Kerberos network authentication
|
|
protocol by the Massachusetts Institute of Technology.
|
|
</p>
|
|
</background>
|
|
<description>
|
|
<p>
|
|
The implementation of the Key Distribution Center (KDC) and the MIT krb5
|
|
library contain double-free vulnerabilities, making client programs as well
|
|
as application servers vulnerable.
|
|
</p>
|
|
<p>
|
|
The ASN.1 decoder library is vulnerable to a denial of service attack,
|
|
including the KDC.
|
|
</p>
|
|
</description>
|
|
<impact type="high">
|
|
<p>
|
|
The double-free vulnerabilities could allow an attacker to execute
|
|
arbitrary code on a KDC host and hosts running krb524d or vulnerable
|
|
services. In the case of a KDC host, this can lead to a compromise of the
|
|
entire Kerberos realm. Furthermore, an attacker impersonating a legitimate
|
|
KDC or application server can potentially execute arbitrary code on
|
|
authenticating clients.
|
|
</p>
|
|
<p>
|
|
An attacker can cause a denial of service for a KDC or application server
|
|
and clients, the latter if impersonating a legitimate KDC or application
|
|
server.
|
|
</p>
|
|
</impact>
|
|
<workaround>
|
|
<p>
|
|
There is no known workaround at this time.
|
|
</p>
|
|
</workaround>
|
|
<resolution>
|
|
<p>
|
|
All mit-krb5 users should upgrade to the latest stable version:
|
|
</p>
|
|
<code>
|
|
# emerge sync
|
|
|
|
# emerge -pv ">=app-crypt/mit-krb5-1.3.4"
|
|
# emerge ">=app-crypt/mit-krb5-1.3.4"</code>
|
|
</resolution>
|
|
<references>
|
|
<uri link="http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt">MIT krb5 Security Advisory 2004-002</uri>
|
|
<uri link="http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt">MIT krb5 Security Advisory 2004-003</uri>
|
|
<uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0642">CAN-2004-0642</uri>
|
|
<uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0643">CAN-2004-0643</uri>
|
|
<uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0644">CAN-2004-0644</uri>
|
|
<uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0772">CAN-2004-0772</uri>
|
|
</references>
|
|
<metadata tag="requester" timestamp="2004-09-03T20:07:22Z">
|
|
jaervosz
|
|
</metadata>
|
|
<metadata tag="submitter" timestamp="2004-09-04T16:18:26Z">
|
|
vorlon078
|
|
</metadata>
|
|
</glsa>
|