Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2005.0062 -- RHSA-2005:012-01
Updated krb5 packages fix security vulnerabilities
20 January 2005
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Kerberos 1.3.5 and prior
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux AS/ES/WS 3
Red Hat Desktop version 3
Red Hat Enterprise Linux AS/ES/WS 2.1
Red Hat Linux Advanced Workstation 2.1
Impact: Execute Arbitrary Code/Commands
Overwrite Arbitrary Files
Access: Existing Account
CVE Names: CAN-2004-1189 CAN-2004-0971
Ref: ESB-2004.0805
Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-012.html
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated krb5 packages fix security vulnerabilities
Advisory ID: RHSA-2005:012-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-012.html
Issue date: 2005-01-19
Updated on: 2005-01-19
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0971 CAN-2004-1189
- - ---------------------------------------------------------------------
1. Summary:
Updated Kerberos (krb5) packages that correct buffer overflow and temporary
file bugs are now available for Red Hat Enterprise Linux.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
3. Problem description:
Kerberos is a networked authentication system that uses a trusted third
party (a KDC) to authenticate clients and servers to each other.
A heap based buffer overflow bug was found in the administration library of
Kerberos 1.3.5 and earlier. This bug could allow an authenticated remote
attacker to execute arbitrary commands on a realm's master Kerberos KDC.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-1189 to this issue.
Additionally a temporary file bug was found in the Kerberos krb5-send-pr
program. It is possible that an attacker could create a temporary file
that would allow an arbitrary file to be overwritten which the victim has
write access to. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0971 to this issue.
All users of krb5 should upgrade to these updated packages, which contain
backported security patches to resolve these issues.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
136304 - CAN-2004-0971 temporary file vulnerabilities in krb5-send-pr script
140066 - CAN-2004-0971 temporary file vulnerabilities in krb5-send-pr script
142902 - CAN-2004-1189 buffer overflow in krb5
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/krb5-1.2.2-32.src.rpm
9edeec6ee7d71eb15e92ff100dd53cf9 krb5-1.2.2-32.src.rpm
i386:
5e983e2655f19f5291a36e006d4258fe krb5-devel-1.2.2-32.i386.rpm
3a6837c6854918d054574c845a81fe1e krb5-libs-1.2.2-32.i386.rpm
9d6720b7a0eb84e75c66f06910b7ac13 krb5-server-1.2.2-32.i386.rpm
ea1826ed45658cdade4fa53f6692f2ac krb5-workstation-1.2.2-32.i386.rpm
ia64:
7641b31ba2d148739cf87b4d80725f4e krb5-devel-1.2.2-32.ia64.rpm
cf1d8835e783ff996241275049b90275 krb5-libs-1.2.2-32.ia64.rpm
95944c38c02a0985737ce92a974397e3 krb5-server-1.2.2-32.ia64.rpm
3e318a692f05c640da6b25d5134cda87 krb5-workstation-1.2.2-32.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/krb5-1.2.2-32.src.rpm
9edeec6ee7d71eb15e92ff100dd53cf9 krb5-1.2.2-32.src.rpm
ia64:
7641b31ba2d148739cf87b4d80725f4e krb5-devel-1.2.2-32.ia64.rpm
cf1d8835e783ff996241275049b90275 krb5-libs-1.2.2-32.ia64.rpm
95944c38c02a0985737ce92a974397e3 krb5-server-1.2.2-32.ia64.rpm
3e318a692f05c640da6b25d5134cda87 krb5-workstation-1.2.2-32.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/krb5-1.2.2-32.src.rpm
9edeec6ee7d71eb15e92ff100dd53cf9 krb5-1.2.2-32.src.rpm
i386:
5e983e2655f19f5291a36e006d4258fe krb5-devel-1.2.2-32.i386.rpm
3a6837c6854918d054574c845a81fe1e krb5-libs-1.2.2-32.i386.rpm
9d6720b7a0eb84e75c66f06910b7ac13 krb5-server-1.2.2-32.i386.rpm
ea1826ed45658cdade4fa53f6692f2ac krb5-workstation-1.2.2-32.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/krb5-1.2.2-32.src.rpm
9edeec6ee7d71eb15e92ff100dd53cf9 krb5-1.2.2-32.src.rpm
i386:
5e983e2655f19f5291a36e006d4258fe krb5-devel-1.2.2-32.i386.rpm
3a6837c6854918d054574c845a81fe1e krb5-libs-1.2.2-32.i386.rpm
9d6720b7a0eb84e75c66f06910b7ac13 krb5-server-1.2.2-32.i386.rpm
ea1826ed45658cdade4fa53f6692f2ac krb5-workstation-1.2.2-32.i386.rpm
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/krb5-1.2.7-38.src.rpm
a90ddb74f04b2ce4d135dd4727d26f4d krb5-1.2.7-38.src.rpm
i386:
69131ba25cf08532d55f1f5d392f501c krb5-devel-1.2.7-38.i386.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
dd38fa05c17e9e986b4d1181e695b3df krb5-server-1.2.7-38.i386.rpm
7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf krb5-workstation-1.2.7-38.i386.rpm
ia64:
361f9ea375518c1db1e1bd8b3c63cce7 krb5-devel-1.2.7-38.ia64.rpm
a96e16502096c19b2d8b0c3eea4b77b5 krb5-libs-1.2.7-38.ia64.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
ac2c8fe8e7d8dfc9be4fea96f7283bac krb5-server-1.2.7-38.ia64.rpm
96303cbcd45e7fb93b93bda92047a7e9 krb5-workstation-1.2.7-38.ia64.rpm
ppc:
18807f63b63422fd8bce85ea2ba0c8e4 krb5-devel-1.2.7-38.ppc.rpm
89795f2d52b519f80a1df8fcddb0cb24 krb5-libs-1.2.7-38.ppc.rpm
0a3b6bb917d51d6a3cb19e8d2b194001 krb5-server-1.2.7-38.ppc.rpm
5917e264b07a6469e30c2ea87b6fc1fd krb5-workstation-1.2.7-38.ppc.rpm
ppc64:
c552f8269adb38dbf21686e74085fb85 krb5-libs-1.2.7-38.ppc64.rpm
s390:
ce047097ae7b876514b9395e1b8524df krb5-devel-1.2.7-38.s390.rpm
a070cad5f21a22f7611ae641eb4b91f5 krb5-libs-1.2.7-38.s390.rpm
1340f95c60414347b525a0b22cf72c03 krb5-server-1.2.7-38.s390.rpm
0f82ce679c7f7d6750e6bf98330cfb5b krb5-workstation-1.2.7-38.s390.rpm
s390x:
4d90a77748aaacd818d9e3f77433618b krb5-devel-1.2.7-38.s390x.rpm
0894dff280fc7550086b94a6737f1f45 krb5-libs-1.2.7-38.s390x.rpm
a070cad5f21a22f7611ae641eb4b91f5 krb5-libs-1.2.7-38.s390.rpm
084688d5e785317fc7e485ecc75710a8 krb5-server-1.2.7-38.s390x.rpm
128834612bbe91305293d8d77c7bde7a krb5-workstation-1.2.7-38.s390x.rpm
x86_64:
c9439fe08d70b776d081d5877af78995 krb5-devel-1.2.7-38.x86_64.rpm
fdfbb86d17c8129232a999e5d08f2a4f krb5-libs-1.2.7-38.x86_64.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
fb069e8ce3c2ba661d1e4bc944b5b77d krb5-server-1.2.7-38.x86_64.rpm
c6a81c4cc4c5f8a6afa242b616651451 krb5-workstation-1.2.7-38.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/krb5-1.2.7-38.src.rpm
a90ddb74f04b2ce4d135dd4727d26f4d krb5-1.2.7-38.src.rpm
i386:
69131ba25cf08532d55f1f5d392f501c krb5-devel-1.2.7-38.i386.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf krb5-workstation-1.2.7-38.i386.rpm
x86_64:
c9439fe08d70b776d081d5877af78995 krb5-devel-1.2.7-38.x86_64.rpm
fdfbb86d17c8129232a999e5d08f2a4f krb5-libs-1.2.7-38.x86_64.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
c6a81c4cc4c5f8a6afa242b616651451 krb5-workstation-1.2.7-38.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/krb5-1.2.7-38.src.rpm
a90ddb74f04b2ce4d135dd4727d26f4d krb5-1.2.7-38.src.rpm
i386:
69131ba25cf08532d55f1f5d392f501c krb5-devel-1.2.7-38.i386.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
dd38fa05c17e9e986b4d1181e695b3df krb5-server-1.2.7-38.i386.rpm
7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf krb5-workstation-1.2.7-38.i386.rpm
ia64:
361f9ea375518c1db1e1bd8b3c63cce7 krb5-devel-1.2.7-38.ia64.rpm
a96e16502096c19b2d8b0c3eea4b77b5 krb5-libs-1.2.7-38.ia64.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
ac2c8fe8e7d8dfc9be4fea96f7283bac krb5-server-1.2.7-38.ia64.rpm
96303cbcd45e7fb93b93bda92047a7e9 krb5-workstation-1.2.7-38.ia64.rpm
x86_64:
c9439fe08d70b776d081d5877af78995 krb5-devel-1.2.7-38.x86_64.rpm
fdfbb86d17c8129232a999e5d08f2a4f krb5-libs-1.2.7-38.x86_64.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
fb069e8ce3c2ba661d1e4bc944b5b77d krb5-server-1.2.7-38.x86_64.rpm
c6a81c4cc4c5f8a6afa242b616651451 krb5-workstation-1.2.7-38.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/krb5-1.2.7-38.src.rpm
a90ddb74f04b2ce4d135dd4727d26f4d krb5-1.2.7-38.src.rpm
i386:
69131ba25cf08532d55f1f5d392f501c krb5-devel-1.2.7-38.i386.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf krb5-workstation-1.2.7-38.i386.rpm
ia64:
361f9ea375518c1db1e1bd8b3c63cce7 krb5-devel-1.2.7-38.ia64.rpm
a96e16502096c19b2d8b0c3eea4b77b5 krb5-libs-1.2.7-38.ia64.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
96303cbcd45e7fb93b93bda92047a7e9 krb5-workstation-1.2.7-38.ia64.rpm
x86_64:
c9439fe08d70b776d081d5877af78995 krb5-devel-1.2.7-38.x86_64.rpm
fdfbb86d17c8129232a999e5d08f2a4f krb5-libs-1.2.7-38.x86_64.rpm
e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm
c6a81c4cc4c5f8a6afa242b616651451 krb5-workstation-1.2.7-38.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://www.securityfocus.com/bid/11289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1189
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2005 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFB7q0TXlSAg2UNWIIRAgmVAJ9Qd4fUjj1I/gn1sUVBDNovlg1TdgCgu2A3
zxpN2LEjK+RYEGD41UsvIY8=
=FdoG
- -----END PGP SIGNATURE-----
- --
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBQe8FMCh9+71yA2DNAQLJ+gQAi6SIEbBvFac8reFMz+Ri3FQppbgmwbrh
JKhEIMfjh3ozfXHlQMaLmXRNKVnrk4Gswb2kPhtk1wNd4Iu2o/ATd0AVEwiiqyvY
x+KB6fHZMqizcgUWXar18WrVtmYmkpCiVv77YcDxfOexnxId6nxUAoC84f1kxvcF
lrgQBKNcCEY=
=GIwf
-----END PGP SIGNATURE-----