SCIENTIFIC-LINUX-ERRATA Archives

March 2008

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA for krb5 on SL3.x, SL4.x, SL5.x i386/x86_64
From:
Troy Dawson <[log in to unmask]>
Reply To:
Troy Dawson <[log in to unmask]>
Date:
Tue, 18 Mar 2008 16:48:03 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (92 lines) 
Synopsis:	Critical: krb5 security update
Issue date:	2008-03-18
CVE Names:	CVE-2007-5971 CVE-2008-0062 CVE-2008-0063 CVE-2008-0948
                 CVE-2007-5901 CVE-2008-0947

A flaw was found in the way the MIT Kerberos Authentication Service and Key
Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets.
An unauthenticated remote attacker could use this flaw to crash the
krb5kdc daemon, disclose portions of its memory, or possibly execute
arbitrary code using malformed or truncated Kerberos v4 protocol
requests. (CVE-2008-0062, CVE-2008-0063)

This issue only affected krb5kdc with Kerberos v4 protocol compatibility
enabled, which is the default setting on Scientific Linux 4.
Kerberos v4 protocol support can be disabled by adding "v4_mode=none"
(without the quotes) to the "[kdcdefaults]" section of
/var/kerberos/krb5kdc/kdc.conf.

SL 3x only:
A flaw was found in the RPC library used by the MIT Kerberos kadmind
server. An unauthenticated remote attacker could use this flaw to crash
kadmind. This issue only affected systems with certain resource limits
configured and did not affect systems using default resource limits used by
Scientific Linux 3. (CVE-2008-0948)

SL 4x and 5x only:
Multiple memory management flaws were discovered in the GSSAPI library used
by MIT Kerberos. These flaws could possibly result in use of already freed
memory or an attempt to free already freed memory blocks (double-free
flaw), possibly causing a crash or arbitrary code execution.
(CVE-2007-5901, CVE-2007-5971)

SL 5x only:
Jeff Altman of Secure Endpoints discovered a flaw in the RPC library as
used by MIT Kerberos kadmind server. An unauthenticated remote attacker
could use this flaw to crash kadmind or possibly execute arbitrary code.
This issue only affected systems with certain resource limits configured
and did not affect systems using default resource limits used by Red Hat
Enterprise Linux 5. (CVE-2008-0947)

SL 3.0.x

      SRPMS:
krb5-1.2.7-68.src.rpm
      i386:
krb5-devel-1.2.7-68.i386.rpm
krb5-libs-1.2.7-68.i386.rpm
krb5-server-1.2.7-68.i386.rpm
krb5-workstation-1.2.7-68.i386.rpm
      x86_64:
krb5-devel-1.2.7-68.x86_64.rpm
krb5-libs-1.2.7-68.i386.rpm
krb5-libs-1.2.7-68.x86_64.rpm
krb5-server-1.2.7-68.x86_64.rpm
krb5-workstation-1.2.7-68.x86_64.rpm

SL 4.x

      SRPMS:
krb5-1.3.4-54.el4_6.1.src.rpm
      i386:
krb5-devel-1.3.4-54.el4_6.1.i386.rpm
krb5-libs-1.3.4-54.el4_6.1.i386.rpm
krb5-server-1.3.4-54.el4_6.1.i386.rpm
krb5-workstation-1.3.4-54.el4_6.1.i386.rpm
      x86_64:
krb5-devel-1.3.4-54.el4_6.1.x86_64.rpm
krb5-libs-1.3.4-54.el4_6.1.i386.rpm
krb5-libs-1.3.4-54.el4_6.1.x86_64.rpm
krb5-server-1.3.4-54.el4_6.1.x86_64.rpm
krb5-workstation-1.3.4-54.el4_6.1.x86_64.rpm

SL 5.x

      SRPMS:
krb5-1.6.1-17.el5_1.1.src.rpm
      i386:
krb5-devel-1.6.1-17.el5_1.1.i386.rpm
krb5-libs-1.6.1-17.el5_1.1.i386.rpm
krb5-server-1.6.1-17.el5_1.1.i386.rpm
krb5-workstation-1.6.1-17.el5_1.1.i386.rpm
      x86_64:
krb5-devel-1.6.1-17.el5_1.1.i386.rpm
krb5-devel-1.6.1-17.el5_1.1.x86_64.rpm
krb5-libs-1.6.1-17.el5_1.1.i386.rpm
krb5-libs-1.6.1-17.el5_1.1.x86_64.rpm
krb5-server-1.6.1-17.el5_1.1.x86_64.rpm
krb5-workstation-1.6.1-17.el5_1.1.x86_64.rpm

-Connie Sieh
-Troy Dawson

ATOM RSS1 RSS2