` 

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated kerberos packages fix various vulnerabilities
Advisory ID:       RHSA-2003:051-01
Issue date:        2003-03-26
Updated on:        2003-03-26
Product:           Red Hat Linux
Keywords:          krb5
Cross references:  RHSA-2003:052
Obsoletes:         RHSA-2003:020
CVE Names:         CAN-2003-0028 CAN-2003-0036 CAN-2003-0058 CAN-2003-0059 CAN-2003-0072 CAN-2003-0082 CAN-2003-0138 CAN-2003-0139
---------------------------------------------------------------------

1. Topic:

Updated Kerberos packages fix a number of vulnerabilities found in MIT
Kerberos.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - i386
Red Hat Linux 7.0 - i386
Red Hat Linux 7.1 - i386
Red Hat Linux 7.2 - i386, ia64
Red Hat Linux 7.3 - i386
Red Hat Linux 8.0 - i386

3. Problem description:

Kerberos is a network authentication system. The MIT Kerberos team
released an advisory describing a number of vulnerabilities that affect the
kerberos packages shipped by Red Hat. These vulnerabilities include:

An integer signedness error in the ASN.1 decoder before version 1.2.5
allows remote attackers to cause a denial of service (crash) via a large
unsigned data element length, which is later used as a negative value. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2002-0036 to this issue. Red Hat Linux 8.0 and later are not affected
by this issue.

The Key Distribution Center (KDC) before version 1.2.5 allows remote,
authenticated attackers to cause a denial of service (crash) on KDCs within
the same realm using a certain protocol request that causes a null
dereference (CAN-2003-0058). Red Hat Linux 8.0 and later are not affected
by this issue.

The Key Distribution Center (KDC) allows remote, authenticated attackers to
cause a denial of service (crash) on KDCs within the same realm using a
certain protocol request that causes an out-of-bounds read of an array
(CAN-2003-0072).

The Key Distribution Center (KDC) allows remote, authenticated attackersto cause a denial of service (crash) on KDCs within the same realm using a
certain protocol request that causes the KDC to corrupt its heap
(CAN-2003-0082).

A vulnerability in Kerberos before version 1.2.3 allows users from one
realm to impersonate users in other realms that have the same inter-realm
keys (CAN-2003-0059). Red Hat Linux 7.3 and later are not affected by this
issue.

The MIT advisory for these issues also mentions format string
vulnerabilities in the logging routines (CAN-2003-0060). Previous versions
of the kerberos packages from Red Hat already contain fixes for this issue.

Vulnerabilities have been found in the support for triple-DES keys in the
implementation of the Kerberos IV authentication protocol which is included
in MIT Kerberos (CAN-2003-0139).

Vulnerabilities have been found in the Kerberos IV authentication protocol
which allow an attacker with knowledge of a cross-realm key, which is
shared with another realm, to impersonate any principal in that realm to
any service in that realm. This vulnerability can only be closed by
disabling cross-realm authentication in Kerberos IV (CAN-2003-0138).

Vulnerabilities have been found in the RPC library used by the kadmin
service in Kerberos 5. A faulty length check in the RPC library exposes
kadmind to an integer overflow which can be used to crash kadmind
(CAN-2003-0028).

All users of Kerberos are advised to upgrade to these errata packages,
which disable cross-realm authentication by default for Kerberos IV and
which contain backported patches that correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. RPMs required:

Red Hat Linux 6.2:

SRPMS: 
 

i386: 
  
  
  
  
 

Red Hat Linux 7.0:

SRPMS: 
 

i386: 
  
  
  
 

Red Hat Linux 7.1:

SRPMS: 
 

i386: 
  
  
  
 

Red Hat Linux 7.2:

SRPMS: 
 

i386: 
  
  
  
 

ia64: 
  
  
  
 

Red Hat Linux 7.3:

SRPMS: 
 

i386: 
  
  
  
 

Red Hat Linux 8.0:

SRPMS: 
 

i386: 
  
  
  
 



6. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
ab4510357651cc37fc8a838c94a62417 6.2/en/os/SRPMS/krb5-1.1.1-40.src.rpm
7a2cba73bdd878f29592f792a9dfe794 6.2/en/os/i386/krb5-configs-1.1.1-40.i386.rpm
51431cdcc3526f92c2fd9c8f53f76282 6.2/en/os/i386/krb5-devel-1.1.1-40.i386.rpm
c20e1e80232276ea908eac478d46ad80 6.2/en/os/i386/krb5-libs-1.1.1-40.i386.rpm
4937fba2e1e8aeba94b503f30f9768e3 6.2/en/os/i386/krb5-server-1.1.1-40.i386.rpm
7cc03b89723f626a0ff956c9a579757d 6.2/en/os/i386/krb5-workstation-1.1.1-40.i386.rpm
015332e33f81730516dd76a64f9da81f 7.0/en/os/SRPMS/krb5-1.2.2-24.src.rpm
234fa434540d9e0d9f15dd49248efc68 7.0/en/os/i386/krb5-devel-1.2.2-24.i386.rpm
b54a47e387a5a6ea7158dc5ac0111893 7.0/en/os/i386/krb5-libs-1.2.2-24.i386.rpm
4b366d5cfb1f6ee9f5580643e5ac3d67 7.0/en/os/i386/krb5-server-1.2.2-24.i386.rpm
2b0951733ae63682644b1b10cfad2135 7.0/en/os/i386/krb5-workstation-1.2.2-24.i386.rpm
015332e33f81730516dd76a64f9da81f 7.1/en/os/SRPMS/krb5-1.2.2-24.src.rpm
234fa434540d9e0d9f15dd49248efc68 7.1/en/os/i386/krb5-devel-1.2.2-24.i386.rpm
b54a47e387a5a6ea7158dc5ac0111893 7.1/en/os/i386/krb5-libs-1.2.2-24.i386.rpm
4b366d5cfb1f6ee9f5580643e5ac3d67 7.1/en/os/i386/krb5-server-1.2.2-24.i386.rpm
2b0951733ae63682644b1b10cfad2135 7.1/en/os/i386/krb5-workstation-1.2.2-24.i386.rpm
015332e33f81730516dd76a64f9da81f 7.2/en/os/SRPMS/krb5-1.2.2-24.src.rpm
234fa434540d9e0d9f15dd49248efc68 7.2/en/os/i386/krb5-devel-1.2.2-24.i386.rpm
b54a47e387a5a6ea7158dc5ac0111893 7.2/en/os/i386/krb5-libs-1.2.2-24.i386.rpm
4b366d5cfb1f6ee9f5580643e5ac3d67 7.2/en/os/i386/krb5-server-1.2.2-24.i386.rpm
2b0951733ae63682644b1b10cfad2135 7.2/en/os/i386/krb5-workstation-1.2.2-24.i386.rpm
dde89228aae54a6960568f0345cd0f4b 7.2/en/os/ia64/krb5-devel-1.2.2-24.ia64.rpm
b5bde7b8ec06f663263a269a0f67eb32 7.2/en/os/ia64/krb5-libs-1.2.2-24.ia64.rpm
241fbf250c32c1323da057e364916f7b 7.2/en/os/ia64/krb5-server-1.2.2-24.ia64.rpm
91670b5b3df3b2d10a1cbd4bc1f82514 7.2/en/os/ia64/krb5-workstation-1.2.2-24.ia64.rpm
88bff9c228e1c57bc5e9b938043ea36e 7.3/en/os/SRPMS/krb5-1.2.4-11.src.rpm
58dfab84469ba94f2f0730b6c73c0b63 7.3/en/os/i386/krb5-devel-1.2.4-11.i386.rpm
aecb7ec8b6854d3b4db2030629b3e757 7.3/en/os/i386/krb5-libs-1.2.4-11.i386.rpm
259f54ef7c8edcfb3668c81ba66c54e2 7.3/en/os/i386/krb5-server-1.2.4-11.i386.rpm
2f6f7bc14778d933e3c016b417eee575 7.3/en/os/i386/krb5-workstation-1.2.4-11.i386.rpm
7c578680da8bc516b76031b140e04235 8.0/en/os/SRPMS/krb5-1.2.5-15.src.rpm
9e0d547d33efc56c93932e92a8560aa0 8.0/en/os/i386/krb5-devel-1.2.5-15.i386.rpm
9e36f2192f29e5e4c162cf1af0ee4f79 8.0/en/os/i386/krb5-libs-1.2.5-15.i386.rpm
addeb716fb5ca29f0d403d586d4746b3 8.0/en/os/i386/krb5-server-1.2.5-15.i386.rpm
c3431c68451484ebe77645b552a49408 8.0/en/os/i386/krb5-workstation-1.2.5-15.i386.rpm


These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at  About

You can verify each package with the following command:
    
    rpm --checksig -v 

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum 


7. References:
 
mit 
mit 
mit 
mit 
CVE -CVE-2003-0028 
CVE -CVE-2003-0036 
CVE -CVE-2003-0058 
CVE -CVE-2003-0059 
CVE -CVE-2003-0072 
CVE -CVE-2003-0082 
CVE -CVE-2003-0138 
CVE -CVE-2003-0139

8. Contact:

The Red Hat security contact is <security@RedHat.com>.  More contact
details at  All Red Hat products

Copyright 2003 Red Hat, Inc.



_______________________________________________
Red Hat-watch-list mailing list
To unsubscribe, visit: https://listman.RedHat.com/mailman/listinfo/RedHat-watch-list
`

RedHat: kerberos multiple vulnerabilities

Updated Kerberos packages fix a number of vulnerabilities found in MIT Kerberos.

Summary



Summary

Kerberos is a network authentication system. The MIT Kerberos teamreleased an advisory describing a number of vulnerabilities that affect thekerberos packages shipped by Red Hat. These vulnerabilities include:An integer signedness error in the ASN.1 decoder before version 1.2.5allows remote attackers to cause a denial of service (crash) via a largeunsigned data element length, which is later used as a negative value. TheCommon Vulnerabilities and Exposures project has assigned the nameCAN-2002-0036 to this issue. Red Hat Linux 8.0 and later are not affectedby this issue.The Key Distribution Center (KDC) before version 1.2.5 allows remote,authenticated attackers to cause a denial of service (crash) on KDCs withinthe same realm using a certain protocol request that causes a nulldereference (CAN-2003-0058). Red Hat Linux 8.0 and later are not affectedby this issue.The Key Distribution Center (KDC) allows remote, authenticated attackers tocause a denial of service (crash) on KDCs within the same realm using acertain protocol request that causes an out-of-bounds read of an array(CAN-2003-0072).The Key Distribution Center (KDC) allows remote, authenticated attackersto cause a denial of service (crash) on KDCs within the same realm using acertain protocol request that causes the KDC to corrupt its heap(CAN-2003-0082).A vulnerability in Kerberos before version 1.2.3 allows users from onerealm to impersonate users in other realms that have the same inter-realmkeys (CAN-2003-0059). Red Hat Linux 7.3 and later are not affected by thisissue.The MIT advisory for these issues also mentions format stringvulnerabilities in the logging routines (CAN-2003-0060). Previous versionsof the kerberos packages from Red Hat already contain fixes for this issue.Vulnerabilities have been found in the support for triple-DES keys in theimplementation of the Kerberos IV authentication protocol which is includedin MIT Kerberos (CAN-2003-0139).Vulnerabilities have been found in the Kerberos IV authentication protocolwhich allow an attacker with knowledge of a cross-realm key, which isshared with another realm, to impersonate any principal in that realm toany service in that realm. This vulnerability can only be closed bydisabling cross-realm authentication in Kerberos IV (CAN-2003-0138).Vulnerabilities have been found in the RPC library used by the kadminservice in Kerberos 5. A faulty length check in the RPC library exposeskadmind to an integer overflow which can be used to crash kadmind(CAN-2003-0028).All users of Kerberos are advised to upgrade to these errata packages,which disable cross-realm authentication by default for Kerberos IV andwhich contain backported patches that correct these issues.


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
5. RPMs required:
Red Hat Linux 6.2:
SRPMS:

i386:





Red Hat Linux 7.0:
SRPMS:

i386:




Red Hat Linux 7.1:
SRPMS:

i386:




Red Hat Linux 7.2:
SRPMS:

i386:




ia64:




Red Hat Linux 7.3:
SRPMS:

i386:




Red Hat Linux 8.0:
SRPMS:

i386:






6. Verification:
MD5 sum Package Name ab4510357651cc37fc8a838c94a62417 6.2/en/os/SRPMS/krb5-1.1.1-40.src.rpm 7a2cba73bdd878f29592f792a9dfe794 6.2/en/os/i386/krb5-configs-1.1.1-40.i386.rpm 51431cdcc3526f92c2fd9c8f53f76282 6.2/en/os/i386/krb5-devel-1.1.1-40.i386.rpm c20e1e80232276ea908eac478d46ad80 6.2/en/os/i386/krb5-libs-1.1.1-40.i386.rpm 4937fba2e1e8aeba94b503f30f9768e3 6.2/en/os/i386/krb5-server-1.1.1-40.i386.rpm 7cc03b89723f626a0ff956c9a579757d 6.2/en/os/i386/krb5-workstation-1.1.1-40.i386.rpm 015332e33f81730516dd76a64f9da81f 7.0/en/os/SRPMS/krb5-1.2.2-24.src.rpm 234fa434540d9e0d9f15dd49248efc68 7.0/en/os/i386/krb5-devel-1.2.2-24.i386.rpm b54a47e387a5a6ea7158dc5ac0111893 7.0/en/os/i386/krb5-libs-1.2.2-24.i386.rpm 4b366d5cfb1f6ee9f5580643e5ac3d67 7.0/en/os/i386/krb5-server-1.2.2-24.i386.rpm 2b0951733ae63682644b1b10cfad2135 7.0/en/os/i386/krb5-workstation-1.2.2-24.i386.rpm 015332e33f81730516dd76a64f9da81f 7.1/en/os/SRPMS/krb5-1.2.2-24.src.rpm 234fa434540d9e0d9f15dd49248efc68 7.1/en/os/i386/krb5-devel-1.2.2-24.i386.rpm b54a47e387a5a6ea7158dc5ac0111893 7.1/en/os/i386/krb5-libs-1.2.2-24.i386.rpm 4b366d5cfb1f6ee9f5580643e5ac3d67 7.1/en/os/i386/krb5-server-1.2.2-24.i386.rpm 2b0951733ae63682644b1b10cfad2135 7.1/en/os/i386/krb5-workstation-1.2.2-24.i386.rpm 015332e33f81730516dd76a64f9da81f 7.2/en/os/SRPMS/krb5-1.2.2-24.src.rpm 234fa434540d9e0d9f15dd49248efc68 7.2/en/os/i386/krb5-devel-1.2.2-24.i386.rpm b54a47e387a5a6ea7158dc5ac0111893 7.2/en/os/i386/krb5-libs-1.2.2-24.i386.rpm 4b366d5cfb1f6ee9f5580643e5ac3d67 7.2/en/os/i386/krb5-server-1.2.2-24.i386.rpm 2b0951733ae63682644b1b10cfad2135 7.2/en/os/i386/krb5-workstation-1.2.2-24.i386.rpm dde89228aae54a6960568f0345cd0f4b 7.2/en/os/ia64/krb5-devel-1.2.2-24.ia64.rpm b5bde7b8ec06f663263a269a0f67eb32 7.2/en/os/ia64/krb5-libs-1.2.2-24.ia64.rpm 241fbf250c32c1323da057e364916f7b 7.2/en/os/ia64/krb5-server-1.2.2-24.ia64.rpm 91670b5b3df3b2d10a1cbd4bc1f82514 7.2/en/os/ia64/krb5-workstation-1.2.2-24.ia64.rpm 88bff9c228e1c57bc5e9b938043ea36e 7.3/en/os/SRPMS/krb5-1.2.4-11.src.rpm 58dfab84469ba94f2f0730b6c73c0b63 7.3/en/os/i386/krb5-devel-1.2.4-11.i386.rpm aecb7ec8b6854d3b4db2030629b3e757 7.3/en/os/i386/krb5-libs-1.2.4-11.i386.rpm 259f54ef7c8edcfb3668c81ba66c54e2 7.3/en/os/i386/krb5-server-1.2.4-11.i386.rpm 2f6f7bc14778d933e3c016b417eee575 7.3/en/os/i386/krb5-workstation-1.2.4-11.i386.rpm 7c578680da8bc516b76031b140e04235 8.0/en/os/SRPMS/krb5-1.2.5-15.src.rpm 9e0d547d33efc56c93932e92a8560aa0 8.0/en/os/i386/krb5-devel-1.2.5-15.i386.rpm 9e36f2192f29e5e4c162cf1af0ee4f79 8.0/en/os/i386/krb5-libs-1.2.5-15.i386.rpm addeb716fb5ca29f0d403d586d4746b3 8.0/en/os/i386/krb5-server-1.2.5-15.i386.rpm c3431c68451484ebe77645b552a49408 8.0/en/os/i386/krb5-workstation-1.2.5-15.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at About
You can verify each package with the following command:
rpm --checksig -v
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:
md5sum

References

mit mit mit mit CVE -CVE-2003-0028 CVE -CVE-2003-0036 CVE -CVE-2003-0058 CVE -CVE-2003-0059 CVE -CVE-2003-0072 CVE -CVE-2003-0082 CVE -CVE-2003-0138 CVE -CVE-2003-0139

Package List


Severity
Advisory ID: RHSA-2003:051-01
Issued Date: : 2003-03-26
Updated on: 2003-03-26
Product: Red Hat Linux
Keywords: krb5
Cross references: RHSA-2003:052
Obsoletes: RHSA-2003:020
CVE Names: CAN-2003-0028 CAN-2003-0036 CAN-2003-0058 CAN-2003-0059 CAN-2003-0072 CAN-2003-0082 CAN-2003-0138 CAN-2003-0139

Topic


Topic

Updated Kerberos packages fix a number of vulnerabilities found in MIT

Kerberos.


 

Relevant Releases Architectures

Red Hat Linux 6.2 - i386

Red Hat Linux 7.0 - i386

Red Hat Linux 7.1 - i386

Red Hat Linux 7.2 - i386, ia64

Red Hat Linux 7.3 - i386

Red Hat Linux 8.0 - i386


Bugs Fixed


Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved