Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 17.04: USN-3353-1 Critical: Heimdal Network Access Issue

ubuntu
Calendar Grey July 14, 2017
Dist Ubuntu Esm H88
The Heimdal patch addresses unexpected connectivity problems in Ubuntu. Ensure you install updates from USN-3353-1 to enhance system security.
Heimdal could allow unintended access to network services.

Summary

Heimdal could allow unintended access to network services.

Software Description:

- heimdal: Heimdal Kerberos Network Authentication Protocol

Details:

Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered

that Heimdal clients incorrectly trusted unauthenticated portions

of Kerberos tickets. A remote attacker could use this to impersonate

trusted network services or perform other attacks.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
  libkrb5-26-heimdal              7.1.0+dfsg-9ubuntu1.1

Ubuntu 16.10:
  libkrb5-26-heimdal              1.7~git20150920+dfsg-4ubuntu1.16.10.1

Ubuntu 16.04 LTS:
  libkrb5-26-heimdal              1.7~git20150920+dfsg-4ubuntu1.16.04.1

Ubuntu 14.04 LTS:
  libkrb5-26-heimdal              1.6~git20131207+dfsg-1ubuntu1.2

After a standard system update you need to restart any applications
using Heimdal libraries to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3353-1

CVE-2017-11103

Severity
critical
Lowest
Low
Medium
High
Critical

July 14, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here