[35104] in bugtraq
TSSA-2004-009 - kerberos5
daemon@ATHENA.MIT.EDU (tinysofa Security Team)
Wed Jun 2 14:32:57 2004
Date: Wed, 2 Jun 2004 21:44:42 +1000
From: tinysofa Security Team <security@tinysofa.org>
To: tinysofa-announce@tinysofa.org
Cc: tinysofa-discuss@tinysofa.org, tinysofa-announce@tinysofa.org,
bugtraq@securityfocus.com
Message-ID: <20040602114442.GB20672@tinysofa.org>
Mail-Followup-To: tinysofa-announce@tinysofa.org,
tinysofa-discuss@tinysofa.org, bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="MW5yreqqjyrRcusr"
Content-Disposition: inline
--MW5yreqqjyrRcusr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
_ =20
|_ . _ _ _ (_ _ =20
|_ | | ) \/ _) (_) | (_|=20
/ =20
Security Advisory #2004-009
Package names: kerberos5
Summary: Arbitary Code Execution
Advisory ID: TSSA-2004-009
Date: 2004-06-02
Affected versions: tinysofa enterprise server 1.0
tinysofa enterprise server 1.0-U1
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
Security Fixes
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
Description
-----------
kerberos5:
* The krb5_aname_to_localname() library function contains multiple
buffer overflows which could be exploited to gain unauthorized root
access. Exploitation of these flaws requires an unusual combination
of factors, including successful authentication to a vulnerable
service and a non-default configuration on the target service. This
flaw effects all releases of MIT Kerberos 5 [0], up to and including
krb5-1.3.3.
This problem has been assigned the id MITKRB5-SA-2004-001 [1].
References
----------
[0] http://web.mit.edu/kerberos/www/
[1] http://web.mit.edu/kerberos/www/advisories/
Recommended Action
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
We recommend that all systems with these packages installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location
=3D=3D=3D=3D=3D=3D=3D=3D
All tinysofa updates are available from
<URI:http://http.tinysofa.org/pub/tinysofa/updates/>
<URI:ftp://ftp.tinysofa.org/pub/tinysofa/updates/>
Automatic Updates
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Check out our mailing lists:
<URI:http://www.tinysofa.org/support/>
Verification
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
This advisory is signed with the tinysofa security sign key.
This key is available from:
<URI:http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0xAEDCBB4B>
All tinysofa packages are signed with the tinysofa stable sign key.
This key is available from:
<URI:http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0x0F1240A2>
The advisory is available from the tinysofa errata database at
<URI:http://www.tinysofa.org/support/errata/>
or directly at
<URI:http://www.tinysofa.org/support/errata/2004/009.html>
MD5sums Of The Packages
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
3b57bce78cadabfb6a231bbc6bb32b6c kerberos5-1.3.3-3ts.i586.rpm
f13a566fa54b42bf7ea5fe34bdb22e75 kerberos5-devel-1.3.3-3ts.i586.rpm
5a1f1c757fe960e8510dc1b219e5bf41 kerberos5-libs-1.3.3-3ts.i586.rpm
--
tinysofa Security Team <security at tinysofa dot org>
--MW5yreqqjyrRcusr
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAvb2o6VF9/q7cu0sRAowoAJ4pB9KE5bkjMPnHoShIXCcGdjpgLwCfctAr
Yr8HTWsnJiOJl5xOoC+g8LQ=
=nEHX
-----END PGP SIGNATURE-----
--MW5yreqqjyrRcusr--
