Debian: DSA-3000-1: krb5 security update
Debian: DSA-3000-1: krb5 security update
Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems:
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3000-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : krb5 CVE ID : CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 Debian Bug : 753624 753625 755520 755521 757416 Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-4341 An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI application session can cause a program crash due to invalid memory references when attempting to read beyond the end of a buffer. CVE-2014-4342 An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI application session can cause a program crash due to invalid memory references when reading beyond the end of a buffer or by causing a null pointer dereference. CVE-2014-4343 An unauthenticated remote attacker with the ability to spoof packets appearing to be from a GSSAPI acceptor can cause a double-free condition in GSSAPI initiators (clients) which are using the SPNEGO mechanism, by returning a different underlying mechanism than was proposed by the initiator. A remote attacker could exploit this flaw to cause an application crash or potentially execute arbitrary code. CVE-2014-4344 An unauthenticated or partially authenticated remote attacker can cause a NULL dereference and application crash during a SPNEGO negotiation by sending an empty token as the second or later context token from initiator to acceptor. CVE-2014-4345 When kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow). For the stable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u2. For the unstable distribution (sid), these problems have been fixed in version 1.12.1+dfsg-7. We recommend that you upgrade your krb5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.