LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 19th, 2014
Linux Security Week: September 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2013:166: krb5 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability has been discovered and corrected in krb5: The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack (CVE-2002-2443). [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2013:166
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : krb5
 Date    : May 21, 2013
 Affected: Business Server 1.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been discovered and corrected in krb5:
 
 The kpasswd service provided by kadmind was vulnerable to a UDP
 ping-pong attack (CVE-2002-2443).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443
 https://bugzilla.redhat.com/show_bug.cgi?id=962531
 _______________________________________________________________________

 Updated Packages:

 Mandriva Enterprise Server 5:
 762c01ff4ce813cd3c5acce794c29aa3  mes5/i586/krb5-1.8.1-0.11mdvmes5.2.i586.rpm
 415beef49e20f8b89c84b0270afbf1d6  mes5/i586/krb5-pkinit-openssl-1.8.1-0.11mdvmes5.2.i586.rpm
 a6bd6778ab49710b1a50633555b0dc27  mes5/i586/krb5-server-1.8.1-0.11mdvmes5.2.i586.rpm
 497cfca620c25dd7ce523a61afdccc5e  mes5/i586/krb5-server-ldap-1.8.1-0.11mdvmes5.2.i586.rpm
 2fe4670b52795e8c74f53e7eee826c2c  mes5/i586/krb5-workstation-1.8.1-0.11mdvmes5.2.i586.rpm
 22926f634ea6ba5f816c14a2e30cc38a  mes5/i586/libkrb53-1.8.1-0.11mdvmes5.2.i586.rpm
 477f8f61cd9c8e577cd6797e850978ce  mes5/i586/libkrb53-devel-1.8.1-0.11mdvmes5.2.i586.rpm 
 77c66246600b71f6471f75054e886cd4  mes5/SRPMS/krb5-1.8.1-0.11mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 1cab52ff4c719378b97ec3acbc7d911f  mes5/x86_64/krb5-1.8.1-0.11mdvmes5.2.x86_64.rpm
 b5d51d32e5eaa96ab973e5ce151a5254  mes5/x86_64/krb5-pkinit-openssl-1.8.1-0.11mdvmes5.2.x86_64.rpm
 6218fc79250aaec5c7ca19b193fdb8dc  mes5/x86_64/krb5-server-1.8.1-0.11mdvmes5.2.x86_64.rpm
 88de99aa8cde8adaee672c265292a355  mes5/x86_64/krb5-server-ldap-1.8.1-0.11mdvmes5.2.x86_64.rpm
 39791a90573b4de08efdaf0193bbc5dc  mes5/x86_64/krb5-workstation-1.8.1-0.11mdvmes5.2.x86_64.rpm
 846b75578bb5559cfcf7aa2ce9e43156  mes5/x86_64/lib64krb53-1.8.1-0.11mdvmes5.2.x86_64.rpm
 7351a8d2be13df25ab9c2534489a2da0  mes5/x86_64/lib64krb53-devel-1.8.1-0.11mdvmes5.2.x86_64.rpm 
 77c66246600b71f6471f75054e886cd4  mes5/SRPMS/krb5-1.8.1-0.11mdvmes5.2.src.rpm

 Mandriva Business Server 1/X86_64:
 3150d604a21be2373d223457da156734  mbs1/x86_64/krb5-1.9.2-3.3.mbs1.x86_64.rpm
 52729f0759e686cfdf5f9c99efc28862  mbs1/x86_64/krb5-pkinit-openssl-1.9.2-3.3.mbs1.x86_64.rpm
 4b997282ad6dd76eb7a10f07809bef71  mbs1/x86_64/krb5-server-1.9.2-3.3.mbs1.x86_64.rpm
 b10b3c0211e071ab93e818db684098f9  mbs1/x86_64/krb5-server-ldap-1.9.2-3.3.mbs1.x86_64.rpm
 417d23306554b1d7d290e8d3fed1a2d8  mbs1/x86_64/krb5-workstation-1.9.2-3.3.mbs1.x86_64.rpm
 a17c8e2438c0415c9ea478bcc0715101  mbs1/x86_64/lib64krb53-1.9.2-3.3.mbs1.x86_64.rpm
 2d05c4ac4b44be10ea1e3d4337689512  mbs1/x86_64/lib64krb53-devel-1.9.2-3.3.mbs1.x86_64.rpm 
 95305e2323d63546e970538b7d692447  mbs1/SRPMS/krb5-1.9.2-3.3.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Google to turn on encryption by default in next Android version
TOR users become FBI's No.1 hacking target after legal power grab
OWASP Releases Latest App Sec Guide
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.