Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 23rd, 2015
Linux Advisory Watch: March 20th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: 916-1: Kerberos vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Emmanuel Bouillon discovered that Kerberos did not correctly handlecertain message types. An unauthenticated remote attacker could sendspecially crafted traffic to cause the KDC to crash, leading to a denialof service. (CVE-2010-0283) [More...]
Ubuntu Security Notice USN-916-1             March 23, 2010
krb5 vulnerabilities
CVE-2010-0283, CVE-2010-0628

A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  krb5-kdc                        1.7dfsg~beta3-1ubuntu0.5
  libgssapi-krb5-2                1.7dfsg~beta3-1ubuntu0.5

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Emmanuel Bouillon discovered that Kerberos did not correctly handle
certain message types.  An unauthenticated remote attacker could send
specially crafted traffic to cause the KDC to crash, leading to a denial
of service. (CVE-2010-0283)

Nalin Dahyabhai, Jan iankko Lieskovsky, and Zbysek Mraz discovered
that Kerberos did not correctly handle certain GSS packets.  An
unauthenticated remote attacker could send specially crafted traffic
that would cause services using GSS-API to crash, leading to a denial
of service. (CVE-2010-0628)

Updated packages for Ubuntu 9.10:

  Source archives:
      Size/MD5:   109771 251d580217995b122a2e44c462c477c4
      Size/MD5:     1780 29d971fcd21f4a4d07b69c5da60ef6d3
      Size/MD5: 12235083 5219bf9a5c23d6a1d9d9687b918f632d

  Architecture independent packages:
      Size/MD5:  2174480 cd74ab02997fc7a0b40be396af6b5d1c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   142316 85cbf145a99e160b917c60ce6df6c871
      Size/MD5:   114750 727cf2d7378bcb0a2cb2e8525152c136
      Size/MD5:    78944 5812796d8e9576949ca6590fba6076d6
      Size/MD5:   110550 b010e33f425668f01d68c88a9280a4fa
      Size/MD5:    61100 bbef0141968bc0abb06b40ccf398f03f
      Size/MD5:    74662 b388197aab1a2159564fba5439267083
      Size/MD5:    58856 7ebfa74e11e583428cdecc1562f2269c
      Size/MD5:   354298 5c5ede84c4e0158161026a8c6db64a56
      Size/MD5:  1497276 5b9cf128382a6cb2e9edd1c43fbcf50e
      Size/MD5:   101374 39f182f5a00d9f93d4922bbdc69a2376
      Size/MD5:    41954 4bf81b07f1a8136e635ec7ece590d101
      Size/MD5:   109788 8b7f30ef636e7fab46d548de8142f572
      Size/MD5:   218016 c5ddcb4f6d12d68c52938e1de49a4132
      Size/MD5:    70928 63a146898e09513ddf275f44b8c3739f
      Size/MD5:   111954 4f68125c3af4493a2ad2687be42a426d
      Size/MD5:   208416 aafee5ace7dc7c88ecdf1d02ff0d5ac2
      Size/MD5:    72698 ec69fa68c460603f6afe86742b2a43a2
      Size/MD5:    86314 c1dc390b6248f0045abec8bee136e483
      Size/MD5:    77510 9bdb428197111041052a4523dd7b4a64

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   133562 33481585fb1625531937a61b70eb4d34
      Size/MD5:   108484 fa0e10ee3954f28833c6635ac2edfb4f
      Size/MD5:    72356 fc555d6359a4b43fb487a495ba7c7c8e
      Size/MD5:   102628 d2126ed69acf3012853c4c7149a6efd1
      Size/MD5:    57798 81cdf6e994da250f11bbcfbae6655066
      Size/MD5:    70306 c8c1140fb3ef7c0d9388454ad95f2654
      Size/MD5:    56446 ff494f9d658a2d1205aee83bb16c4d69
      Size/MD5:   337666 843e5af2d627a2ebc50d2b5c2b5e2de9
      Size/MD5:  1478506 add11421da9cfb8bb36e07a8dfaefe17
      Size/MD5:   101394 3879fec22a6f4b7f066c6d33ff4b762a
      Size/MD5:    40130 5cfadb59248e45324bc427dacf8fbf11
      Size/MD5:   101946 c9ce72e4aa56884c41f26e3fc1bd473d
      Size/MD5:   196144 f267e74502b70cf97e1a28c9c93db41a
      Size/MD5:    65714 8f86c95c49b95348fccc3fde95f1ce40
      Size/MD5:   106662 182cbc5e73c39daf57aeb5acd0a168b1
      Size/MD5:   192638 dcbb87f430b2433078328d4332a6fe79
      Size/MD5:    69498 d5b49717bab5497b8186957320c80232
      Size/MD5:    80600 d24e997ed4f780feceff36d003af2570
      Size/MD5:    71268 ffbb337a825616f11e37b2bd29a9800c

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   133630 fc1b87c1711c4947244200dd478ef444
      Size/MD5:   107636 5fd384ba227f429e88290e40e724ba80
      Size/MD5:    71790 53e00257e132f4a8768600f1c9b21260
      Size/MD5:   102796 394578fe64c5356a2e92a9884b313b73
      Size/MD5:    57380 d0b13a8203efb990ef91382346157aef
      Size/MD5:    70440 c33ccedeec89c90988f6d9464640a568
      Size/MD5:    56088 2e379a3592102433cb0711bf46896294
      Size/MD5:   335052 a2c61d59904c8ec2bbe261b2cec82700
      Size/MD5:  1499572 283fe7048dc5400b659af9ba3d57f69a
      Size/MD5:   101382 277ba131f6402d1889a8ec45a2f94bad
      Size/MD5:    39856 a94213ee1c41aabd607f4783e33f4bf4
      Size/MD5:   102506 de388be8e8c3e8a7631badee7105e499
      Size/MD5:   193080 c0f87727848e52da8e7cc5abe5104b1c
      Size/MD5:    65886 377c1c669f72038b96e9d7a0bfc3f12f
      Size/MD5:   106730 8a5afc76f10bcaf138f902335f6eb8d6
      Size/MD5:   192892 31e48adb378faaa483276409c3e2abc2
      Size/MD5:    69616 a636894e909bb32f5e412dbe98007eba
      Size/MD5:    80418 97ea8aafe24cc2ead89b7976a60a28d3
      Size/MD5:    71582 8318910fb123a34d4adf5f47a141e09a

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   139534 f966bd7cfe1dcd2843236451106439fc
      Size/MD5:   113406 87b15e5058e8a19a03a817daf99d2e83
      Size/MD5:    77894 539e7fb93cc01b595ea60184bc39ec39
      Size/MD5:   116690 376963347036a703ce9877a7e62c4e5c
      Size/MD5:    59350 cdc4e3e0f1370fad8f6049ea6d0adcec
      Size/MD5:    73752 7addb02fdf6f4fdf27fe8088615cc618
      Size/MD5:    58138 dd28607be8ec39baaccea667b245e192
      Size/MD5:   359876 173254c4f7af5d35f08dd221f70ed3da
      Size/MD5:  1535170 2c9626e75cebf352e5d5f41700ed5b15
      Size/MD5:   101396 6841a8124377980a09fc7f98ff226609
      Size/MD5:    41490 96aa5940ca677824d69c1ed318a5f725
      Size/MD5:   107662 3b37b2cf7893bf6beff7df39c2fcf0f0
      Size/MD5:   211876 681d07df00a1a734285adfea97856ce1
      Size/MD5:    69812 6db271b54f7413dc664c77944a43beeb
      Size/MD5:   112032 d3268b0e0f2d7783a5e6ab7656282ae1
      Size/MD5:   205876 f5aad1eb67b5b3b489756b233fad6601
      Size/MD5:    71218 0526d12d067d010ce5f4a3b0346458ed
      Size/MD5:    83892 b74f13e19a9bb18069e3e68366a52676
      Size/MD5:    76392 bfbfe5d29d1050746fd12d6d32e8d278

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   136710 2a3f784be1c6a7aa2bf532fccef0993c
      Size/MD5:   101152 287e16321537b3b6883d7cbc0a490e66
      Size/MD5:    71320 3f7f97b5611fbae72125d1de3e8ceadd
      Size/MD5:   108278 8cbc83919284af0940cd71b81f399717
      Size/MD5:    55382 1a87fe0cb6094a4d4c5a6e68a9489900
      Size/MD5:    66912 0bec123f6f6ae1deb21dcc00e6c89b3b
      Size/MD5:    54330 2a0d46b699a916d388aad956b525cfd6
      Size/MD5:   324476 2d7e1bd9ff664206d668ee35690f268c
      Size/MD5:  1381150 4da8fdb8afe7320c9575d96d528c2f1b
      Size/MD5:   101392 e05d0810587e6c0f7fcb0e1171bc99dc
      Size/MD5:    39682 cb1b6bc3787be0709f6e50f22aed670d
      Size/MD5:   103896 4e483ed50125445fdcb912cf10b07fba
      Size/MD5:   208656 5c3112b964543d32a6b0dcc62f7c881a
      Size/MD5:    68448 a53cbfc2c8a4a932beed070cb68a89d6
      Size/MD5:   105634 ef89d02dda4c208753ab5d375e263d4b
      Size/MD5:   192238 af2735a8a36dca55fa209240a7b70e1a
      Size/MD5:    64982 c4f56e09a75d2561d51649395235abde
      Size/MD5:    84402 115408dd4db701e4e5708ffb1146d1de
      Size/MD5:    73458 ca8005003b14752d8951f04b367ae299

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Tech Companies, Privacy Advocates Call for NSA Reform
Google warns of unauthorized TLS certificates trusted by almost all OSes
How Kevin Mitnick hacked the audience at CeBIT 2015
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.