RedHat: Updated krb5 packages fix security

    Date19 Jan 2005
    CategoryRed Hat
    7339
    Posted ByJoe Shakespeare
    Updated Kerberos (krb5) packages that correct buffer overflow and temporary file bugs are now available for Red Hat Enterprise Linux.
    - ---------------------------------------------------------------------
                       Red Hat Security Advisory
    
    Synopsis:          Updated krb5 packages fix security vulnerabilities
    Advisory ID:       RHSA-2005:012-01
    Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-012.html
    Issue date:        2005-01-19
    Updated on:        2005-01-19
    Product:           Red Hat Enterprise Linux
    CVE Names:         CAN-2004-0971 CAN-2004-1189
    - ---------------------------------------------------------------------
    
    1. Summary:
    
    Updated Kerberos (krb5) packages that correct buffer overflow and temporary
    file bugs are now available for Red Hat Enterprise Linux.
    
    2. Relevant releases/architectures:
    
    Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
    Red Hat Linux Advanced Workstation 2.1 - ia64
    Red Hat Enterprise Linux ES version 2.1 - i386
    Red Hat Enterprise Linux WS version 2.1 - i386
    Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
    Red Hat Desktop version 3 - i386, x86_64
    Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
    Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
    
    3. Problem description:
    
    Kerberos is a networked authentication system that uses a trusted third
    party (a KDC) to authenticate clients and servers to each other.
    
    A heap based buffer overflow bug was found in the administration library of
    Kerberos 1.3.5 and earlier.  This bug could allow an authenticated remote
    attacker to execute arbitrary commands on a realm's master Kerberos KDC. 
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2004-1189 to this issue.
    
    Additionally a temporary file bug was found in the Kerberos krb5-send-pr
    program.  It is possible that an attacker could create a temporary file
    that would allow an arbitrary file to be overwritten which the victim has
    write access to.  The Common Vulnerabilities and Exposures project
    (cve.mitre.org) has assigned the name CAN-2004-0971 to this issue.
    
    All users of krb5 should upgrade to these updated packages, which contain
    backported security patches to resolve these issues.
    
    4. Solution:
    
    Before applying this update, make sure that all previously-released
    errata relevant to your system have been applied.  Use Red Hat
    Network to download and update your packages.  To launch the Red Hat
    Update Agent, use the following command:
    
        up2date
    
    For information on how to install packages manually, refer to the
    following Web page for the System Administration or Customization
    guide specific to your system:
    
        http://www.redhat.com/docs/manuals/enterprise/
    
    5. Bug IDs fixed (http://bugzilla.redhat.com/):
    
    136304 - CAN-2004-0971 temporary file vulnerabilities in krb5-send-pr script
    140066 - CAN-2004-0971 temporary file vulnerabilities in krb5-send-pr script
    142902 - CAN-2004-1189 buffer overflow in krb5
    
    6. RPMs required:
    
    Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/krb5-1.2.2-32.src.rpm
    9edeec6ee7d71eb15e92ff100dd53cf9  krb5-1.2.2-32.src.rpm
    
    i386:
    5e983e2655f19f5291a36e006d4258fe  krb5-devel-1.2.2-32.i386.rpm
    3a6837c6854918d054574c845a81fe1e  krb5-libs-1.2.2-32.i386.rpm
    9d6720b7a0eb84e75c66f06910b7ac13  krb5-server-1.2.2-32.i386.rpm
    ea1826ed45658cdade4fa53f6692f2ac  krb5-workstation-1.2.2-32.i386.rpm
    
    ia64:
    7641b31ba2d148739cf87b4d80725f4e  krb5-devel-1.2.2-32.ia64.rpm
    cf1d8835e783ff996241275049b90275  krb5-libs-1.2.2-32.ia64.rpm
    95944c38c02a0985737ce92a974397e3  krb5-server-1.2.2-32.ia64.rpm
    3e318a692f05c640da6b25d5134cda87  krb5-workstation-1.2.2-32.ia64.rpm
    
    Red Hat Linux Advanced Workstation 2.1:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/krb5-1.2.2-32.src.rpm
    9edeec6ee7d71eb15e92ff100dd53cf9  krb5-1.2.2-32.src.rpm
    
    ia64:
    7641b31ba2d148739cf87b4d80725f4e  krb5-devel-1.2.2-32.ia64.rpm
    cf1d8835e783ff996241275049b90275  krb5-libs-1.2.2-32.ia64.rpm
    95944c38c02a0985737ce92a974397e3  krb5-server-1.2.2-32.ia64.rpm
    3e318a692f05c640da6b25d5134cda87  krb5-workstation-1.2.2-32.ia64.rpm
    
    Red Hat Enterprise Linux ES version 2.1:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/krb5-1.2.2-32.src.rpm
    9edeec6ee7d71eb15e92ff100dd53cf9  krb5-1.2.2-32.src.rpm
    
    i386:
    5e983e2655f19f5291a36e006d4258fe  krb5-devel-1.2.2-32.i386.rpm
    3a6837c6854918d054574c845a81fe1e  krb5-libs-1.2.2-32.i386.rpm
    9d6720b7a0eb84e75c66f06910b7ac13  krb5-server-1.2.2-32.i386.rpm
    ea1826ed45658cdade4fa53f6692f2ac  krb5-workstation-1.2.2-32.i386.rpm
    
    Red Hat Enterprise Linux WS version 2.1:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/krb5-1.2.2-32.src.rpm
    9edeec6ee7d71eb15e92ff100dd53cf9  krb5-1.2.2-32.src.rpm
    
    i386:
    5e983e2655f19f5291a36e006d4258fe  krb5-devel-1.2.2-32.i386.rpm
    3a6837c6854918d054574c845a81fe1e  krb5-libs-1.2.2-32.i386.rpm
    9d6720b7a0eb84e75c66f06910b7ac13  krb5-server-1.2.2-32.i386.rpm
    ea1826ed45658cdade4fa53f6692f2ac  krb5-workstation-1.2.2-32.i386.rpm
    
    Red Hat Enterprise Linux AS version 3:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/krb5-1.2.7-38.src.rpm
    a90ddb74f04b2ce4d135dd4727d26f4d  krb5-1.2.7-38.src.rpm
    
    i386:
    69131ba25cf08532d55f1f5d392f501c  krb5-devel-1.2.7-38.i386.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    dd38fa05c17e9e986b4d1181e695b3df  krb5-server-1.2.7-38.i386.rpm
    7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf  krb5-workstation-1.2.7-38.i386.rpm
    
    ia64:
    361f9ea375518c1db1e1bd8b3c63cce7  krb5-devel-1.2.7-38.ia64.rpm
    a96e16502096c19b2d8b0c3eea4b77b5  krb5-libs-1.2.7-38.ia64.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    ac2c8fe8e7d8dfc9be4fea96f7283bac  krb5-server-1.2.7-38.ia64.rpm
    96303cbcd45e7fb93b93bda92047a7e9  krb5-workstation-1.2.7-38.ia64.rpm
    
    ppc:
    18807f63b63422fd8bce85ea2ba0c8e4  krb5-devel-1.2.7-38.ppc.rpm
    89795f2d52b519f80a1df8fcddb0cb24  krb5-libs-1.2.7-38.ppc.rpm
    0a3b6bb917d51d6a3cb19e8d2b194001  krb5-server-1.2.7-38.ppc.rpm
    5917e264b07a6469e30c2ea87b6fc1fd  krb5-workstation-1.2.7-38.ppc.rpm
    
    ppc64:
    c552f8269adb38dbf21686e74085fb85  krb5-libs-1.2.7-38.ppc64.rpm
    
    s390:
    ce047097ae7b876514b9395e1b8524df  krb5-devel-1.2.7-38.s390.rpm
    a070cad5f21a22f7611ae641eb4b91f5  krb5-libs-1.2.7-38.s390.rpm
    1340f95c60414347b525a0b22cf72c03  krb5-server-1.2.7-38.s390.rpm
    0f82ce679c7f7d6750e6bf98330cfb5b  krb5-workstation-1.2.7-38.s390.rpm
    
    s390x:
    4d90a77748aaacd818d9e3f77433618b  krb5-devel-1.2.7-38.s390x.rpm
    0894dff280fc7550086b94a6737f1f45  krb5-libs-1.2.7-38.s390x.rpm
    a070cad5f21a22f7611ae641eb4b91f5  krb5-libs-1.2.7-38.s390.rpm
    084688d5e785317fc7e485ecc75710a8  krb5-server-1.2.7-38.s390x.rpm
    128834612bbe91305293d8d77c7bde7a  krb5-workstation-1.2.7-38.s390x.rpm
    
    x86_64:
    c9439fe08d70b776d081d5877af78995  krb5-devel-1.2.7-38.x86_64.rpm
    fdfbb86d17c8129232a999e5d08f2a4f  krb5-libs-1.2.7-38.x86_64.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    fb069e8ce3c2ba661d1e4bc944b5b77d  krb5-server-1.2.7-38.x86_64.rpm
    c6a81c4cc4c5f8a6afa242b616651451  krb5-workstation-1.2.7-38.x86_64.rpm
    
    Red Hat Desktop version 3:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/krb5-1.2.7-38.src.rpm
    a90ddb74f04b2ce4d135dd4727d26f4d  krb5-1.2.7-38.src.rpm
    
    i386:
    69131ba25cf08532d55f1f5d392f501c  krb5-devel-1.2.7-38.i386.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf  krb5-workstation-1.2.7-38.i386.rpm
    
    x86_64:
    c9439fe08d70b776d081d5877af78995  krb5-devel-1.2.7-38.x86_64.rpm
    fdfbb86d17c8129232a999e5d08f2a4f  krb5-libs-1.2.7-38.x86_64.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    c6a81c4cc4c5f8a6afa242b616651451  krb5-workstation-1.2.7-38.x86_64.rpm
    
    Red Hat Enterprise Linux ES version 3:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/krb5-1.2.7-38.src.rpm
    a90ddb74f04b2ce4d135dd4727d26f4d  krb5-1.2.7-38.src.rpm
    
    i386:
    69131ba25cf08532d55f1f5d392f501c  krb5-devel-1.2.7-38.i386.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    dd38fa05c17e9e986b4d1181e695b3df  krb5-server-1.2.7-38.i386.rpm
    7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf  krb5-workstation-1.2.7-38.i386.rpm
    
    ia64:
    361f9ea375518c1db1e1bd8b3c63cce7  krb5-devel-1.2.7-38.ia64.rpm
    a96e16502096c19b2d8b0c3eea4b77b5  krb5-libs-1.2.7-38.ia64.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    ac2c8fe8e7d8dfc9be4fea96f7283bac  krb5-server-1.2.7-38.ia64.rpm
    96303cbcd45e7fb93b93bda92047a7e9  krb5-workstation-1.2.7-38.ia64.rpm
    
    x86_64:
    c9439fe08d70b776d081d5877af78995  krb5-devel-1.2.7-38.x86_64.rpm
    fdfbb86d17c8129232a999e5d08f2a4f  krb5-libs-1.2.7-38.x86_64.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    fb069e8ce3c2ba661d1e4bc944b5b77d  krb5-server-1.2.7-38.x86_64.rpm
    c6a81c4cc4c5f8a6afa242b616651451  krb5-workstation-1.2.7-38.x86_64.rpm
    
    Red Hat Enterprise Linux WS version 3:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/krb5-1.2.7-38.src.rpm
    a90ddb74f04b2ce4d135dd4727d26f4d  krb5-1.2.7-38.src.rpm
    
    i386:
    69131ba25cf08532d55f1f5d392f501c  krb5-devel-1.2.7-38.i386.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf  krb5-workstation-1.2.7-38.i386.rpm
    
    ia64:
    361f9ea375518c1db1e1bd8b3c63cce7  krb5-devel-1.2.7-38.ia64.rpm
    a96e16502096c19b2d8b0c3eea4b77b5  krb5-libs-1.2.7-38.ia64.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    96303cbcd45e7fb93b93bda92047a7e9  krb5-workstation-1.2.7-38.ia64.rpm
    
    x86_64:
    c9439fe08d70b776d081d5877af78995  krb5-devel-1.2.7-38.x86_64.rpm
    fdfbb86d17c8129232a999e5d08f2a4f  krb5-libs-1.2.7-38.x86_64.rpm
    e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
    c6a81c4cc4c5f8a6afa242b616651451  krb5-workstation-1.2.7-38.x86_64.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and 
    details on how to verify the signature are available from
    https://www.redhat.com/security/team/key/#package
    
    7. References:
    
    http://www.securityfocus.com/bid/11289
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0971
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1189
    
    8. Contact:
    
    The Red Hat security contact is .  More contact
    details at https://www.redhat.com/security/team/contact/
    
    Copyright 2005 Red Hat, Inc.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"67","type":"x","order":"1","pct":57.76,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":12.93,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.31,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.