what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 5726-1

Debian Security Advisory 5726-1
Posted Jul 8, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5726-1 - Two vulnerabilities were discovered in the GSS message token handling in krb5, the MIT implementation of Kerberos. An attacker can take advantage of these flaws to bypass integrity protections or cause a denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2024-37370, CVE-2024-37371
SHA-256 | 99e52ec0c3a0685ef07fd7f97e165fc26dfe372ba3434c943dd6bf3185533ccb

Debian Security Advisory 5726-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5726-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
July 05, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : krb5
CVE ID : CVE-2024-37370 CVE-2024-37371

Two vulnerabilities were discovered in the GSS message token handling in
krb5, the MIT implementation of Kerberos. An attacker can take advantage
of these flaws to bypass integrity protections or cause a denial of
service.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1.18.3-6+deb11u5.

For the stable distribution (bookworm), these problems have been fixed in
version 1.20.1-2+deb12u2.

We recommend that you upgrade your krb5 packages.

For the detailed security status of krb5 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/krb5

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmaIYgxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QlXw//Zxf+qU8sOJoolWJrkNtWA4QXSkbSqPzzufgxH97Tac6qgYEo9KIDMZzS
eThOW0r1OqqPS3131lMRgRpzDpJd502vHylsAOyKp9zUloVr9dSK0R1W1ALp0tOp
I55xB9KnNxRwmuaXqpDbs/g9eBX+oLcbaLyq9krT4baQg/f4sfWd+mBFkPEAbVcH
tvUzuGL34ANUaSwIaJ7pcCBjUWZtqL9XNC0DsB7n3xyuKk193/dASajAopsOavBR
6imyxmxNduO9F+MxSd7IELCyRqRZ7YkM30ZCmKgYM4velc8fFYSLmdT8lzvogBbc
rCnH161JkSy2mxLS5MjmdbY8V/Pu37xL3lcejoYmq4RM5eceZuGOr6LYk3Xp3nzV
ytVrZ852Az2KZa0EwZQ7Haz2csStbmKwTDQRbHkq21+BMZ5ZkWF6Lj0jeCx/UsSY
gpWDDsKbSsrioIMM5W9q6avf1O0h/xUTy/S2k1+kY0RrAnI49NIivSc9J9ZwoRvV
5ygq7Cu7K/cYU4KxrmRQB0Us2EEUY9TCAOKNXXu9h/YpV3WQUzfBlkw+o0OYQ6vG
poxo0kOR2bzfCwT2aKSbtq3uXMaeg64rHhMG1PrsO1gDn8NczoQ1nsWnZQ4rdeUj
lEbzC7NBzPQNVpbCt+NvaXdZjI7CIB3kfrgRfwQSGji/VlSVhVk=
=oNDx
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close