
Bugtraqmailing list archives
[USN-58-1] MIT Kerberos server vulnerability
From: Martin Pitt <martin.pitt () canonical com>
Date: Mon, 10 Jan 2005 14:46:58 +0100
===========================================================Ubuntu Security Notice USN-58-1 January 10, 2005krb5 vulnerabilityCAN-2004-1189===========================================================A security issue affects the following Ubuntu releases:Ubuntu 4.10 (Warty Warthog)The following packages are affected:krb5-admin-serverkrb5-kdclibkadm55libkrb53The problem can be corrected by upgrading the affected package toversion 1.3.4-3ubuntu0.1. In general, a standard system upgrade issufficient to effect the necessary changes.Details follow:Michael Tautschnig discovered a possible buffer overflow in theadd_to_history() function in the MIT Kerberos 5 implementation.Performing a password change did not properly track the passwordpolicy's history count and the maximum number of keys. This couldcause an array overflow and may have allowed authenticated users (notnecessarily one with administrative privileges) to execute arbitrarycode on the KDC host, compromising an entire Kerberos realm. Source archives:http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.3.4-3ubuntu0.1.diff.gz Size/MD5: 660788 a3e773e901a67368f8dd322a903f7f81http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.3.4-3ubuntu0.1.dsc Size/MD5: 788 e9baf1ebfa972d585f829d7e64465beahttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.3.4.orig.tar.gz Size/MD5: 6361011 23ddf1655f7f180835cf34d104088473 Architecture independent packages:http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.3.4-3ubuntu0.1_all.deb Size/MD5: 716542 5b8265007cf5f2176955aacfe3eb45eb amd64 architecture (Athlon64, Opteron, EM64T Xeon)http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 103764 7f4720f5b36e50c49f30bc99917dc31ahttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 215204 30b4d7e2a133cce888127798b843566ahttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 55802 92a9097d2c5fc574d644dd062a2a2d0chttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 123580 977b0f8def9a58ab022a2e8321f5d29dhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 81578 58fa9d55d6316f1540d642696509e04bhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 62318 ae6908459976878856a666950f2c956dhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 135856 0012a1ff533388ec7a6a4082f9eaa23ahttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 176484 e26c41328f72a6b4ff3f9dfd16819429http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 651556 c41b666bd8ba980bb5240c8de4a22a42http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.4-3ubuntu0.1_amd64.deb Size/MD5: 367872 7c2ddc51d5fb971540aa2ddb74e136d0 i386 architecture (x86 compatible Intel/AMD)http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 92828 40b738af512065868c3bd38a86652ee0http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 186464 a2da914f916c3bf6b53d1c417e74b5cfhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 50728 c53fab7706867bfd2e2defaaca0e8abahttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 113756 2e6293b7d8788ca1e6584eeb371d4746http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 73758 d2b3b94e05e43169379c0d6a742d15e2http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 55284 8d279d10b1238c64e8e788e163d10697http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 125264 0e37aeb9bf575e214e526148f6021abdhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 160580 b735959ba91dad37fd12dd89faf798dehttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 559754 cccfdccc55db99dce5d79583060ec1a7http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.4-3ubuntu0.1_i386.deb Size/MD5: 339586 9c4e8bb211b3b463d2293a7e5acebac9 powerpc architecture (Apple Macintosh G3/G4/G5)http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 103998 72a3841148e8736286547e3b34b0d42dhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 214930 137626b6516e100a313612b79f28a2f4http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 55814 592491f4a84ce02651ec9489d2f64c4ehttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 124368 d68fe5a0c785baa01d2d7e7b6f14477fhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 81392 2c43228e3b6d42fcdd214a516e9a4329http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 60498 d2604219b83e84bea7ee2460a626fb59http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 141916 fa44026deba1951732f3748381d0f842http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 164366 b71f6b535f950994b907f39e8685ee57http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 633862 bc094b01dfd0b507e157c870b6fa94a8http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.4-3ubuntu0.1_powerpc.deb Size/MD5: 351532 6fdb209e66b2935696a43f60efad7934
Attachment:signature.asc
Description: Digital signature
Current thread:
- [USN-58-1] MIT Kerberos server vulnerabilityMartin Pitt (Jan 11)
