==========================================================Ubuntu Security Notice USN-916-1             March 23, 2010
krb5 vulnerabilities
CVE-2010-0283, CVE-2010-0628
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  krb5-kdc                        1.7dfsg~beta3-1ubuntu0.5
  libgssapi-krb5-2                1.7dfsg~beta3-1ubuntu0.5

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Emmanuel Bouillon discovered that Kerberos did not correctly handle
certain message types.  An unauthenticated remote attacker could send
specially crafted traffic to cause the KDC to crash, leading to a denial
of service. (CVE-2010-0283)

Nalin Dahyabhai, Jan iankko Lieskovsky, and Zbysek Mraz discovered
that Kerberos did not correctly handle certain GSS packets.  An
unauthenticated remote attacker could send specially crafted traffic
that would cause services using GSS-API to crash, leading to a denial
of service. (CVE-2010-0628)


Updated packages for Ubuntu 9.10:

  Source archives:

          Size/MD5:   109771 251d580217995b122a2e44c462c477c4
          Size/MD5:     1780 29d971fcd21f4a4d07b69c5da60ef6d3
          Size/MD5: 12235083 5219bf9a5c23d6a1d9d9687b918f632d

  Architecture independent packages:

          Size/MD5:  2174480 cd74ab02997fc7a0b40be396af6b5d1c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   142316 85cbf145a99e160b917c60ce6df6c871
          Size/MD5:   114750 727cf2d7378bcb0a2cb2e8525152c136
          Size/MD5:    78944 5812796d8e9576949ca6590fba6076d6
          Size/MD5:   110550 b010e33f425668f01d68c88a9280a4fa
          Size/MD5:    61100 bbef0141968bc0abb06b40ccf398f03f
          Size/MD5:    74662 b388197aab1a2159564fba5439267083
          Size/MD5:    58856 7ebfa74e11e583428cdecc1562f2269c
          Size/MD5:   354298 5c5ede84c4e0158161026a8c6db64a56
          Size/MD5:  1497276 5b9cf128382a6cb2e9edd1c43fbcf50e
          Size/MD5:   101374 39f182f5a00d9f93d4922bbdc69a2376
          Size/MD5:    41954 4bf81b07f1a8136e635ec7ece590d101
          Size/MD5:   109788 8b7f30ef636e7fab46d548de8142f572
          Size/MD5:   218016 c5ddcb4f6d12d68c52938e1de49a4132
          Size/MD5:    70928 63a146898e09513ddf275f44b8c3739f
          Size/MD5:   111954 4f68125c3af4493a2ad2687be42a426d
          Size/MD5:   208416 aafee5ace7dc7c88ecdf1d02ff0d5ac2
          Size/MD5:    72698 ec69fa68c460603f6afe86742b2a43a2
          Size/MD5:    86314 c1dc390b6248f0045abec8bee136e483
          Size/MD5:    77510 9bdb428197111041052a4523dd7b4a64

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   133562 33481585fb1625531937a61b70eb4d34
          Size/MD5:   108484 fa0e10ee3954f28833c6635ac2edfb4f
          Size/MD5:    72356 fc555d6359a4b43fb487a495ba7c7c8e
          Size/MD5:   102628 d2126ed69acf3012853c4c7149a6efd1
          Size/MD5:    57798 81cdf6e994da250f11bbcfbae6655066
          Size/MD5:    70306 c8c1140fb3ef7c0d9388454ad95f2654
          Size/MD5:    56446 ff494f9d658a2d1205aee83bb16c4d69
          Size/MD5:   337666 843e5af2d627a2ebc50d2b5c2b5e2de9
          Size/MD5:  1478506 add11421da9cfb8bb36e07a8dfaefe17
          Size/MD5:   101394 3879fec22a6f4b7f066c6d33ff4b762a
          Size/MD5:    40130 5cfadb59248e45324bc427dacf8fbf11
          Size/MD5:   101946 c9ce72e4aa56884c41f26e3fc1bd473d
          Size/MD5:   196144 f267e74502b70cf97e1a28c9c93db41a
          Size/MD5:    65714 8f86c95c49b95348fccc3fde95f1ce40
          Size/MD5:   106662 182cbc5e73c39daf57aeb5acd0a168b1
          Size/MD5:   192638 dcbb87f430b2433078328d4332a6fe79
          Size/MD5:    69498 d5b49717bab5497b8186957320c80232
          Size/MD5:    80600 d24e997ed4f780feceff36d003af2570
          Size/MD5:    71268 ffbb337a825616f11e37b2bd29a9800c

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   133630 fc1b87c1711c4947244200dd478ef444
          Size/MD5:   107636 5fd384ba227f429e88290e40e724ba80
          Size/MD5:    71790 53e00257e132f4a8768600f1c9b21260
          Size/MD5:   102796 394578fe64c5356a2e92a9884b313b73
          Size/MD5:    57380 d0b13a8203efb990ef91382346157aef
          Size/MD5:    70440 c33ccedeec89c90988f6d9464640a568
          Size/MD5:    56088 2e379a3592102433cb0711bf46896294
          Size/MD5:   335052 a2c61d59904c8ec2bbe261b2cec82700
          Size/MD5:  1499572 283fe7048dc5400b659af9ba3d57f69a
          Size/MD5:   101382 277ba131f6402d1889a8ec45a2f94bad
          Size/MD5:    39856 a94213ee1c41aabd607f4783e33f4bf4
          Size/MD5:   102506 de388be8e8c3e8a7631badee7105e499
          Size/MD5:   193080 c0f87727848e52da8e7cc5abe5104b1c
          Size/MD5:    65886 377c1c669f72038b96e9d7a0bfc3f12f
          Size/MD5:   106730 8a5afc76f10bcaf138f902335f6eb8d6
          Size/MD5:   192892 31e48adb378faaa483276409c3e2abc2
          Size/MD5:    69616 a636894e909bb32f5e412dbe98007eba
          Size/MD5:    80418 97ea8aafe24cc2ead89b7976a60a28d3
          Size/MD5:    71582 8318910fb123a34d4adf5f47a141e09a

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   139534 f966bd7cfe1dcd2843236451106439fc
          Size/MD5:   113406 87b15e5058e8a19a03a817daf99d2e83
          Size/MD5:    77894 539e7fb93cc01b595ea60184bc39ec39
          Size/MD5:   116690 376963347036a703ce9877a7e62c4e5c
          Size/MD5:    59350 cdc4e3e0f1370fad8f6049ea6d0adcec
          Size/MD5:    73752 7addb02fdf6f4fdf27fe8088615cc618
          Size/MD5:    58138 dd28607be8ec39baaccea667b245e192
          Size/MD5:   359876 173254c4f7af5d35f08dd221f70ed3da
          Size/MD5:  1535170 2c9626e75cebf352e5d5f41700ed5b15
          Size/MD5:   101396 6841a8124377980a09fc7f98ff226609
          Size/MD5:    41490 96aa5940ca677824d69c1ed318a5f725
          Size/MD5:   107662 3b37b2cf7893bf6beff7df39c2fcf0f0
          Size/MD5:   211876 681d07df00a1a734285adfea97856ce1
          Size/MD5:    69812 6db271b54f7413dc664c77944a43beeb
          Size/MD5:   112032 d3268b0e0f2d7783a5e6ab7656282ae1
          Size/MD5:   205876 f5aad1eb67b5b3b489756b233fad6601
          Size/MD5:    71218 0526d12d067d010ce5f4a3b0346458ed
          Size/MD5:    83892 b74f13e19a9bb18069e3e68366a52676
          Size/MD5:    76392 bfbfe5d29d1050746fd12d6d32e8d278

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   136710 2a3f784be1c6a7aa2bf532fccef0993c
          Size/MD5:   101152 287e16321537b3b6883d7cbc0a490e66
          Size/MD5:    71320 3f7f97b5611fbae72125d1de3e8ceadd
          Size/MD5:   108278 8cbc83919284af0940cd71b81f399717
          Size/MD5:    55382 1a87fe0cb6094a4d4c5a6e68a9489900
          Size/MD5:    66912 0bec123f6f6ae1deb21dcc00e6c89b3b
          Size/MD5:    54330 2a0d46b699a916d388aad956b525cfd6
          Size/MD5:   324476 2d7e1bd9ff664206d668ee35690f268c
          Size/MD5:  1381150 4da8fdb8afe7320c9575d96d528c2f1b
          Size/MD5:   101392 e05d0810587e6c0f7fcb0e1171bc99dc
          Size/MD5:    39682 cb1b6bc3787be0709f6e50f22aed670d
          Size/MD5:   103896 4e483ed50125445fdcb912cf10b07fba
          Size/MD5:   208656 5c3112b964543d32a6b0dcc62f7c881a
          Size/MD5:    68448 a53cbfc2c8a4a932beed070cb68a89d6
          Size/MD5:   105634 ef89d02dda4c208753ab5d375e263d4b
          Size/MD5:   192238 af2735a8a36dca55fa209240a7b70e1a
          Size/MD5:    64982 c4f56e09a75d2561d51649395235abde
          Size/MD5:    84402 115408dd4db701e4e5708ffb1146d1de
          Size/MD5:    73458 ca8005003b14752d8951f04b367ae299

Ubuntu 916-1: Kerberos vulnerabilities

March 23, 2010
Emmanuel Bouillon discovered that Kerberos did not correctly handlecertain message types

Summary

Update Instructions

References

Severity
krb5 vulnerabilities

Package Information

Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved