
Debian: krb5 multiple vulnerabilities
Posted by Team   

--------------------------------------------------------------------------
Debian Security Advisory DSA 266-1                          Martin Schulze
March 17th, 2003
--------------------------------------------------------------------------

Package        : krb5
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0028 CAN-2003-0072 CAN-2003-0138 CAN-2003-0139
CERT advisories: VU#623217 VU#442569 VU#516825 CA-2003-10

Several vulnerabilities have been discovered in krb5, an
implementation of MIT Kerberos.

 . A cryptographic weakness in version 4 of the Kerberos protocol
   allows an attacker to use a chosen-plaintext attack to impersonate
   any principal in a realm.  Additional cryptographic weaknesses in
   the krb4 implementation included in the MIT krb5 distribution
   permit the use of cut-and-paste attacks to fabricate krb4 tickets
   for unauthorized client principals if triple-DES keys are used to
   key krb4 services.  These attacks can subvert a site's entire
   Kerberos authentication infrastructure.

   Kerberos version 5 does not contain this cryptographic
   vulnerability.  Sites are not vulnerable if they have Kerberos v4
   completely disabled, including the disabling of any krb5 to krb4
   translation services.

 . The MIT Kerberos 5 implementation includes an RPC library derived
   from SUNRPC.  The implementation contains length checks that are
   vulnerable to an integer overflow, which may be exploitable to
   create denials of service or to gain unauthorized access to
   sensitive information.

 . Buffer overrun and underrun problems exist in Kerberos principal
   name handling in unusual cases, such as names with zero components,
   names with one empty component, or host-based service principal
   names with no host name component.
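
The class of bug named in the second item above, as an added example that is not taken from the MIT krb5 or SUNRPC sources: a constructed length check whose 32-bit addition wraps, beside a form that cannot wrap. The `stream` structure and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed decode buffer, loosely modelled on an XDR-style stream. */
struct stream {
    const uint8_t *base;   /* start of received data */
    uint32_t size;         /* bytes received */
    uint32_t pos;          /* current read offset */
};

/* Weak check: pos + len is computed in 32 bits and can wrap past zero,
 * so a very large len makes the sum look small and the check passes. */
int check_weak(const struct stream *s, uint32_t len)
{
    return (uint32_t)(s->pos + len) <= s->size;
}

/* Hardened check: compare len with the space that is left.
 * pos <= size is verified first, so the subtraction cannot wrap. */
int check_safe(const struct stream *s, uint32_t len)
{
    return s->pos <= s->size && len <= s->size - s->pos;
}

/* Copy len bytes out of the stream only if the hardened check passes. */
int read_bytes(struct stream *s, uint8_t *dst, size_t dstcap, uint32_t len)
{
    if (!check_safe(s, len) || len > dstcap)
        return -1;
    memcpy(dst, s->base + s->pos, len);
    s->pos += len;
    return 0;
}

int main(void)
{
    static const uint8_t wire[16] = {0};   /* constructed sample input */
    struct stream s = { wire, sizeof wire, 8 };
    uint8_t out[16];
    uint32_t huge = 0xFFFFFFFCu;           /* 8 + 0xFFFFFFFC wraps to 4 */

    /* The weak check accepts the wrapped length; the hardened one rejects it. */
    return (check_weak(&s, huge) == 1 && check_safe(&s, huge) == 0
            && read_bytes(&s, out, sizeof out, huge) == -1
            && read_bytes(&s, out, sizeof out, 8) == 0) ? 0 : 1;
}
```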
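
The unusual principal shapes listed in the third item above, as an added example that is not the krb5 library's own code: a validator that rejects each shape before any component is indexed. The `princ` structure, the error codes and the function names are hypothetical, and the sample principal is constructed.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for a parsed principal with ncomp components. */
struct princ {
    int ncomp;
    const char *comp[4];
};

enum { P_OK = 0, P_BAD_COUNT, P_EMPTY_COMPONENT, P_NO_HOST, P_TOO_LONG };

/* Reject the shapes the advisory lists before any component is read. */
int princ_check(const struct princ *p, int host_based)
{
    if (p->ncomp <= 0 || p->ncomp > 4)
        return P_BAD_COUNT;               /* comp[0] would be out of bounds */
    for (int i = 0; i < p->ncomp; i++)
        if (p->comp[i] == NULL || p->comp[i][0] == '\0')
            return P_EMPTY_COMPONENT;     /* comp[i][len - 1] would underrun */
    if (host_based && p->ncomp < 2)
        return P_NO_HOST;                 /* comp[1] would be out of bounds */
    return P_OK;
}

/* Copy the host component of a host-based principal, minus one trailing dot. */
int princ_host(const struct princ *p, char *dst, size_t cap)
{
    int rc = princ_check(p, 1);
    if (rc != P_OK)
        return rc;
    size_t len = strlen(p->comp[1]);      /* len >= 1 after princ_check */
    if (p->comp[1][len - 1] == '.')
        len--;
    if (len == 0)
        return P_EMPTY_COMPONENT;         /* the host was only "." */
    if (len + 1 > cap)
        return P_TOO_LONG;
    memcpy(dst, p->comp[1], len);
    dst[len] = '\0';
    return P_OK;
}

int main(void)
{
    struct princ nohost = { 1, { "host" } };   /* constructed: no host part */
    char buf[32];
    return princ_host(&nohost, buf, sizeof buf) == P_NO_HOST ? 0 : 1;
}
```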

For the stable distribution (woody) this problem has been
fixed in version 1.2.4-5woody4.

The old stable distribution (potato) does not contain krb5 packages.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your krb5 package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
--------------------------------

  Updated files are listed for the source archives, the architecture
  independent components, and the Alpha, ARM, Intel IA-32, Intel IA-64,
  HP Precision, Motorola 680x0, big endian MIPS, little endian MIPS,
  PowerPC, IBM S/390 and Sun Sparc architectures.

  These files will probably be moved into the stable distribution on
  its next revision.

---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show ' and
