
---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated krb5 packages fix security issues
Advisory ID:       RHSA-2004:350-01
Issue date:        2004-08-31
Updated on:        2004-08-31
Product:           Red Hat Enterprise Linux
Keywords:          krb5 client timeout
Obsoletes:         RHSA-2004:236
CVE Names:         CAN-2004-0642 CAN-2004-0643 CAN-2004-0644
---------------------------------------------------------------------

1. Summary:

Updated krb5 packages that improve client responsiveness and fix several
security issues are now available for Red Hat Enterprise Linux 3.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Kerberos is a networked authentication system that uses a trusted third
party (a KDC) to authenticate clients and servers to each other.

Several double-free bugs were found in the Kerberos 5 KDC and libraries.  A
remote attacker could potentially exploit these flaws to execuate arbitrary
code.  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2004-0642 and CAN-2004-0643 to these issues.

A double-free bug was also found in the krb524 server (CAN-2004-0772),
however this issue does not affect Red Hat Enterprise Linux 3 Kerberos
packages.

An infinite loop bug was found in the Kerberos 5 ASN.1 decoder library.  A
remote attacker may be able to trigger this flaw and cause a denial of
service. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-0644 to this issue.

When attempting to contact a KDC, the Kerberos libraries will iterate
through the list of configured servers, attempting to contact each in turn.
If one of the servers becomes unresponsive, the client will time out and
contact the next configured server.  When the library attempts to contact
the next KDC, the entire process is repeated.  For applications which must
contact a KDC several times, the accumulated time spent waiting can become
significant.

This update modifies the libraries, notes which server for a given realm
last responded to a request, and attempts to contact that server first
before contacting any of the other configured servers.

All users of krb5 should upgrade to these updated packages, which contain
backported security patches to resolve these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate.  The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

https://access.redhat.com

5. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS: 

3c91ce8bc77bd9bc5bf2f00c09d23cff  krb5-1.2.7-28.src.rpm

i386:
758976fe956ac98a73809b4cc716d4c5  krb5-devel-1.2.7-28.i386.rpm
6a5c52f4ec0a575ca3f22696c592ecc6  krb5-libs-1.2.7-28.i386.rpm
d805a5ef4dc5c16f1a6957cd60769076  krb5-server-1.2.7-28.i386.rpm
2fee85ec1cc48fe67b90cd9954149321  krb5-workstation-1.2.7-28.i386.rpm

ia64:
2d5b6ce0d861cb35c66e9ce11321ca09  krb5-devel-1.2.7-28.ia64.rpm
dd27b1cfed80262c724f20400d174ae6  krb5-libs-1.2.7-28.ia64.rpm
0c0b19114325ab9b9798398009abc745  krb5-server-1.2.7-28.ia64.rpm
b6d331840e0a625073c03f3629b71b6f  krb5-workstation-1.2.7-28.ia64.rpm

ppc:
548446398708f1ee3a1820be932c427c  krb5-devel-1.2.7-28.ppc.rpm
32f8d495713aad38cf0961e7eab8146f  krb5-libs-1.2.7-28.ppc.rpm
2805823ff0ceeb7fd084f4cd1322f180  krb5-server-1.2.7-28.ppc.rpm
c896eb2e27858495ca85a7f4f60b7d9d  krb5-workstation-1.2.7-28.ppc.rpm

ppc64:
9571b0242acad9ec5601b941aa5cf93e  krb5-devel-1.2.7-28.ppc64.rpm
8bba9563078f648f8399be16a4a52d2a  krb5-libs-1.2.7-28.ppc64.rpm
48df8c1d94161a229cf5d52e0f2224ed  krb5-server-1.2.7-28.ppc64.rpm
683c8c478512a0d2ef8d4b631e038501  krb5-workstation-1.2.7-28.ppc64.rpm

s390:
e1ab9eb4bef50ef7830e9504c988e4b8  krb5-devel-1.2.7-28.s390.rpm
4786e0ba3adbccca954fb2dee1034dd7  krb5-libs-1.2.7-28.s390.rpm
3b17e6311a345c13efa0322a6f47e08f  krb5-server-1.2.7-28.s390.rpm
ce72c91a8d4dd92969bc099866a693cd  krb5-workstation-1.2.7-28.s390.rpm

s390x:
9c3c9f758c4a619e852f5289f31614fd  krb5-devel-1.2.7-28.s390x.rpm
94d14bb7d2e34140941c51839b4cf4f6  krb5-libs-1.2.7-28.s390x.rpm
9e11ac40de7e36037cc4da2346c5f64f  krb5-server-1.2.7-28.s390x.rpm
c2f65cd14134efa5794c732ed7e210df  krb5-workstation-1.2.7-28.s390x.rpm

x86_64:
4b5d4f9ec25bf69bf3d1632b8f9dfece  krb5-devel-1.2.7-28.x86_64.rpm
3ba1a8cda52f4c5c4f235390b5ab231c  krb5-libs-1.2.7-28.x86_64.rpm
4dae049940b908786c4c18ec2c4633e0  krb5-server-1.2.7-28.x86_64.rpm
c68b7f6f4571165da841e89fb2de809d  krb5-workstation-1.2.7-28.x86_64.rpm

Red Hat Desktop version 3:

SRPMS: 

3c91ce8bc77bd9bc5bf2f00c09d23cff  krb5-1.2.7-28.src.rpm

i386:
758976fe956ac98a73809b4cc716d4c5  krb5-devel-1.2.7-28.i386.rpm
6a5c52f4ec0a575ca3f22696c592ecc6  krb5-libs-1.2.7-28.i386.rpm
d805a5ef4dc5c16f1a6957cd60769076  krb5-server-1.2.7-28.i386.rpm
2fee85ec1cc48fe67b90cd9954149321  krb5-workstation-1.2.7-28.i386.rpm

x86_64:
4b5d4f9ec25bf69bf3d1632b8f9dfece  krb5-devel-1.2.7-28.x86_64.rpm
3ba1a8cda52f4c5c4f235390b5ab231c  krb5-libs-1.2.7-28.x86_64.rpm
4dae049940b908786c4c18ec2c4633e0  krb5-server-1.2.7-28.x86_64.rpm
c68b7f6f4571165da841e89fb2de809d  krb5-workstation-1.2.7-28.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS: 

3c91ce8bc77bd9bc5bf2f00c09d23cff  krb5-1.2.7-28.src.rpm

i386:
758976fe956ac98a73809b4cc716d4c5  krb5-devel-1.2.7-28.i386.rpm
6a5c52f4ec0a575ca3f22696c592ecc6  krb5-libs-1.2.7-28.i386.rpm
d805a5ef4dc5c16f1a6957cd60769076  krb5-server-1.2.7-28.i386.rpm
2fee85ec1cc48fe67b90cd9954149321  krb5-workstation-1.2.7-28.i386.rpm

ia64:
2d5b6ce0d861cb35c66e9ce11321ca09  krb5-devel-1.2.7-28.ia64.rpm
dd27b1cfed80262c724f20400d174ae6  krb5-libs-1.2.7-28.ia64.rpm
0c0b19114325ab9b9798398009abc745  krb5-server-1.2.7-28.ia64.rpm
b6d331840e0a625073c03f3629b71b6f  krb5-workstation-1.2.7-28.ia64.rpm

x86_64:
4b5d4f9ec25bf69bf3d1632b8f9dfece  krb5-devel-1.2.7-28.x86_64.rpm
3ba1a8cda52f4c5c4f235390b5ab231c  krb5-libs-1.2.7-28.x86_64.rpm
4dae049940b908786c4c18ec2c4633e0  krb5-server-1.2.7-28.x86_64.rpm
c68b7f6f4571165da841e89fb2de809d  krb5-workstation-1.2.7-28.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS: 

3c91ce8bc77bd9bc5bf2f00c09d23cff  krb5-1.2.7-28.src.rpm

i386:
758976fe956ac98a73809b4cc716d4c5  krb5-devel-1.2.7-28.i386.rpm
6a5c52f4ec0a575ca3f22696c592ecc6  krb5-libs-1.2.7-28.i386.rpm
d805a5ef4dc5c16f1a6957cd60769076  krb5-server-1.2.7-28.i386.rpm
2fee85ec1cc48fe67b90cd9954149321  krb5-workstation-1.2.7-28.i386.rpm

ia64:
2d5b6ce0d861cb35c66e9ce11321ca09  krb5-devel-1.2.7-28.ia64.rpm
dd27b1cfed80262c724f20400d174ae6  krb5-libs-1.2.7-28.ia64.rpm
0c0b19114325ab9b9798398009abc745  krb5-server-1.2.7-28.ia64.rpm
b6d331840e0a625073c03f3629b71b6f  krb5-workstation-1.2.7-28.ia64.rpm

x86_64:
4b5d4f9ec25bf69bf3d1632b8f9dfece  krb5-devel-1.2.7-28.x86_64.rpm
3ba1a8cda52f4c5c4f235390b5ab231c  krb5-libs-1.2.7-28.x86_64.rpm
4dae049940b908786c4c18ec2c4633e0  krb5-server-1.2.7-28.x86_64.rpm
c68b7f6f4571165da841e89fb2de809d  krb5-workstation-1.2.7-28.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
 

6. References:
 
Kerberos Security Advisories 
CVE -CVE-2004-0642 
CVE -CVE-2004-0643 
CVE -CVE-2004-0644

7. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at  

Copyright 2004 Red Hat, Inc.

Red Hat: krb5 security issues

Updated krb5 packages that improve client responsiveness and fix severalsecurity issues are now available for Red Hat Enterprise Linux 3.

Summary

Kerberos is a networked authentication system that uses a trusted thirdparty (a KDC) to authenticate clients and servers to each other.Several double-free bugs were found in the Kerberos 5 KDC and libraries. Aremote attacker could potentially exploit these flaws to execuate arbitrarycode. The Common Vulnerabilities and Exposures project (cve.mitre.org) hasassigned the names CAN-2004-0642 and CAN-2004-0643 to these issues.A double-free bug was also found in the krb524 server (CAN-2004-0772),however this issue does not affect Red Hat Enterprise Linux 3 Kerberospackages.An infinite loop bug was found in the Kerberos 5 ASN.1 decoder library. Aremote attacker may be able to trigger this flaw and cause a denial ofservice. The Common Vulnerabilities and Exposures project (cve.mitre.org)has assigned the name CAN-2004-0644 to this issue.When attempting to contact a KDC, the Kerberos libraries will iteratethrough the list of configured servers, attempting to contact each in turn.If one of the servers becomes unresponsive, the client will time out andcontact the next configured server. When the library attempts to contactthe next KDC, the entire process is repeated. For applications which mustcontact a KDC several times, the accumulated time spent waiting can becomesignificant.This update modifies the libraries, notes which server for a given realmlast responded to a request, and attempts to contact that server firstbefore contacting any of the other configured servers.All users of krb5 should upgrade to these updated packages, which containbackported security patches to resolve these issues.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:
https://access.redhat.com
5. RPMs required:
Red Hat Enterprise Linux AS version 3:
SRPMS:
3c91ce8bc77bd9bc5bf2f00c09d23cff krb5-1.2.7-28.src.rpm
i386: 758976fe956ac98a73809b4cc716d4c5 krb5-devel-1.2.7-28.i386.rpm 6a5c52f4ec0a575ca3f22696c592ecc6 krb5-libs-1.2.7-28.i386.rpm d805a5ef4dc5c16f1a6957cd60769076 krb5-server-1.2.7-28.i386.rpm 2fee85ec1cc48fe67b90cd9954149321 krb5-workstation-1.2.7-28.i386.rpm
ia64: 2d5b6ce0d861cb35c66e9ce11321ca09 krb5-devel-1.2.7-28.ia64.rpm dd27b1cfed80262c724f20400d174ae6 krb5-libs-1.2.7-28.ia64.rpm 0c0b19114325ab9b9798398009abc745 krb5-server-1.2.7-28.ia64.rpm b6d331840e0a625073c03f3629b71b6f krb5-workstation-1.2.7-28.ia64.rpm
ppc: 548446398708f1ee3a1820be932c427c krb5-devel-1.2.7-28.ppc.rpm 32f8d495713aad38cf0961e7eab8146f krb5-libs-1.2.7-28.ppc.rpm 2805823ff0ceeb7fd084f4cd1322f180 krb5-server-1.2.7-28.ppc.rpm c896eb2e27858495ca85a7f4f60b7d9d krb5-workstation-1.2.7-28.ppc.rpm
ppc64: 9571b0242acad9ec5601b941aa5cf93e krb5-devel-1.2.7-28.ppc64.rpm 8bba9563078f648f8399be16a4a52d2a krb5-libs-1.2.7-28.ppc64.rpm 48df8c1d94161a229cf5d52e0f2224ed krb5-server-1.2.7-28.ppc64.rpm 683c8c478512a0d2ef8d4b631e038501 krb5-workstation-1.2.7-28.ppc64.rpm
s390: e1ab9eb4bef50ef7830e9504c988e4b8 krb5-devel-1.2.7-28.s390.rpm 4786e0ba3adbccca954fb2dee1034dd7 krb5-libs-1.2.7-28.s390.rpm 3b17e6311a345c13efa0322a6f47e08f krb5-server-1.2.7-28.s390.rpm ce72c91a8d4dd92969bc099866a693cd krb5-workstation-1.2.7-28.s390.rpm
s390x: 9c3c9f758c4a619e852f5289f31614fd krb5-devel-1.2.7-28.s390x.rpm 94d14bb7d2e34140941c51839b4cf4f6 krb5-libs-1.2.7-28.s390x.rpm 9e11ac40de7e36037cc4da2346c5f64f krb5-server-1.2.7-28.s390x.rpm c2f65cd14134efa5794c732ed7e210df krb5-workstation-1.2.7-28.s390x.rpm
x86_64: 4b5d4f9ec25bf69bf3d1632b8f9dfece krb5-devel-1.2.7-28.x86_64.rpm 3ba1a8cda52f4c5c4f235390b5ab231c krb5-libs-1.2.7-28.x86_64.rpm 4dae049940b908786c4c18ec2c4633e0 krb5-server-1.2.7-28.x86_64.rpm c68b7f6f4571165da841e89fb2de809d krb5-workstation-1.2.7-28.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
3c91ce8bc77bd9bc5bf2f00c09d23cff krb5-1.2.7-28.src.rpm
i386: 758976fe956ac98a73809b4cc716d4c5 krb5-devel-1.2.7-28.i386.rpm 6a5c52f4ec0a575ca3f22696c592ecc6 krb5-libs-1.2.7-28.i386.rpm d805a5ef4dc5c16f1a6957cd60769076 krb5-server-1.2.7-28.i386.rpm 2fee85ec1cc48fe67b90cd9954149321 krb5-workstation-1.2.7-28.i386.rpm
x86_64: 4b5d4f9ec25bf69bf3d1632b8f9dfece krb5-devel-1.2.7-28.x86_64.rpm 3ba1a8cda52f4c5c4f235390b5ab231c krb5-libs-1.2.7-28.x86_64.rpm 4dae049940b908786c4c18ec2c4633e0 krb5-server-1.2.7-28.x86_64.rpm c68b7f6f4571165da841e89fb2de809d krb5-workstation-1.2.7-28.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
3c91ce8bc77bd9bc5bf2f00c09d23cff krb5-1.2.7-28.src.rpm
i386: 758976fe956ac98a73809b4cc716d4c5 krb5-devel-1.2.7-28.i386.rpm 6a5c52f4ec0a575ca3f22696c592ecc6 krb5-libs-1.2.7-28.i386.rpm d805a5ef4dc5c16f1a6957cd60769076 krb5-server-1.2.7-28.i386.rpm 2fee85ec1cc48fe67b90cd9954149321 krb5-workstation-1.2.7-28.i386.rpm
ia64: 2d5b6ce0d861cb35c66e9ce11321ca09 krb5-devel-1.2.7-28.ia64.rpm dd27b1cfed80262c724f20400d174ae6 krb5-libs-1.2.7-28.ia64.rpm 0c0b19114325ab9b9798398009abc745 krb5-server-1.2.7-28.ia64.rpm b6d331840e0a625073c03f3629b71b6f krb5-workstation-1.2.7-28.ia64.rpm
x86_64: 4b5d4f9ec25bf69bf3d1632b8f9dfece krb5-devel-1.2.7-28.x86_64.rpm 3ba1a8cda52f4c5c4f235390b5ab231c krb5-libs-1.2.7-28.x86_64.rpm 4dae049940b908786c4c18ec2c4633e0 krb5-server-1.2.7-28.x86_64.rpm c68b7f6f4571165da841e89fb2de809d krb5-workstation-1.2.7-28.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
3c91ce8bc77bd9bc5bf2f00c09d23cff krb5-1.2.7-28.src.rpm
i386: 758976fe956ac98a73809b4cc716d4c5 krb5-devel-1.2.7-28.i386.rpm 6a5c52f4ec0a575ca3f22696c592ecc6 krb5-libs-1.2.7-28.i386.rpm d805a5ef4dc5c16f1a6957cd60769076 krb5-server-1.2.7-28.i386.rpm 2fee85ec1cc48fe67b90cd9954149321 krb5-workstation-1.2.7-28.i386.rpm
ia64: 2d5b6ce0d861cb35c66e9ce11321ca09 krb5-devel-1.2.7-28.ia64.rpm dd27b1cfed80262c724f20400d174ae6 krb5-libs-1.2.7-28.ia64.rpm 0c0b19114325ab9b9798398009abc745 krb5-server-1.2.7-28.ia64.rpm b6d331840e0a625073c03f3629b71b6f krb5-workstation-1.2.7-28.ia64.rpm
x86_64: 4b5d4f9ec25bf69bf3d1632b8f9dfece krb5-devel-1.2.7-28.x86_64.rpm 3ba1a8cda52f4c5c4f235390b5ab231c krb5-libs-1.2.7-28.x86_64.rpm 4dae049940b908786c4c18ec2c4633e0 krb5-server-1.2.7-28.x86_64.rpm c68b7f6f4571165da841e89fb2de809d krb5-workstation-1.2.7-28.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from