exploit the possibilities

Debian Security Advisory 3153-1

Debian Security Advisory 3153-1
Posted Feb 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3153-1 - Multiples vulnerabilities have been found in krb5, the MIT implementation of Kerberos.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
MD5 | 45bf9343c9d7f66465544c24b0e16580

Debian Security Advisory 3153-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3153-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
February 03, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : krb5
CVE ID : CVE-2014-5352 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423

Multiples vulnerabilities have been found in krb5, the MIT
implementation of Kerberos:

CVE-2014-5352

Incorrect memory management in the libgssapi_krb5 library might
result in denial of service or the execution of arbitrary code.

CVE-2014-9421

Incorrect memory management in kadmind's processing of XDR data
might result in denial of service or the execution of arbitrary code.

CVE-2014-9422

Incorrect processing of two-component server principals might result
in impersonation attacks.

CVE-2014-9423

An information leak in the libgssrpc library.

For the stable distribution (wheezy), these problems have been fixed in
version 1.10.1+dfsg-5+deb7u3.

For the unstable distribution (sid), these problems have been fixed in
version 1.12.1+dfsg-17.

We recommend that you upgrade your krb5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJU0TPwAAoJEBDCk7bDfE42VWsQAMAWxgvkqjmlMZrTg6z6h6cG
kCEFZ+pU+iMKO4DZzEkKt9mGp+skwaC4v91nA8p4KxtD7i0dTtm7/XmLCaVblbFQ
O8ncFp4y9UPdnpOJxQXIxdGsmTOQ7NVc5clAYxFiEtLglC9inP6WubaNpxEnUe4+
gzlVg4kjYES1HAfVOncuD5ey2V/Ds7WCWOyNz1SrDnyyGDkzwRqvusfArqA3eBXB
vN05tsw0mO7HzbtoaSXrLICGyZxfWnYSkKgLlVri1HL8e+kDwAVDiRrHZ409CuK1
bQkwLL6kN1gMudxoyTDiPd/oecA1SvQiBYQVsUKHckakbZImjod0DJBw2bDhFWI4
PT5roNzBgGRExXmk4iPLqsaJgj5lH/dimzaA/t9eypScUrOfAcdSdwCsxRvSuNdP
HAIGdw091dL7quoyZBgPb4Ocx0lC2khF34GgSo2W+UD5E7mnHmdVYoUZ/R3l4csU
n0psucFvDl5iCqlRqxLoKnLg/WW9VbZU99+gk8CpgvnuQ6vhRKJQMlZ8xhP2lOUv
s8qHkO8VhL6F8P8zzVUjRIW5rLGx7icM6Ui2K8Mh379ePcnVuCjTfA0853uj0vVK
fcQUxfSwLXyYdsodCNhhbcHHXApxLbo/dfSJewJdKblP3t6LIogC+MQWwk2FW0LI
E4PmFVQe4nUGIS5eVkmS
=6EfO
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    15 Files
  • 27
    Feb 27th
    15 Files
  • 28
    Feb 28th
    4 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close