what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2011-024

Mandriva Linux Security Advisory 2011-024
Posted Feb 9, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-024 - The MIT krb5 Key Distribution Center daemon is vulnerable to denial of service attacks from unauthenticated remote attackers.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-0281, CVE-2011-0282
SHA-256 | 39c0572f12359cb86e2fd583adb8e4c9548610ab0a8802aee133beb16ae6eab8

Mandriva Linux Security Advisory 2011-024

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:024
http://www.mandriva.com/security/
_______________________________________________________________________

Package : krb5
Date : January 9, 2011
Affected: 2009.0, 2010.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities were discovered and corrected in krb5:

The MIT krb5 Key Distribution Center (KDC) daemon is vulnerable
to denial of service attacks from unauthenticated remote attackers
(CVE-2011-0281, CVE-2011-0282).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0282
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.0:
a19b45095a4c3a3325a23a98c9b62123 2009.0/i586/ftp-client-krb5-1.6.3-6.7mdv2009.0.i586.rpm
62ee1d7005c6fecc20f43d50773a8ab0 2009.0/i586/ftp-server-krb5-1.6.3-6.7mdv2009.0.i586.rpm
4a670066b022ca0d1e780e535b5dad34 2009.0/i586/krb5-1.6.3-6.7mdv2009.0.i586.rpm
27479079f1205258ebf1a95cde9c72c4 2009.0/i586/krb5-server-1.6.3-6.7mdv2009.0.i586.rpm
2b8bc1f146ae12947eb0d66571e71b6c 2009.0/i586/krb5-workstation-1.6.3-6.7mdv2009.0.i586.rpm
19fdf51bf9e901e42f59ca9e6e98f467 2009.0/i586/libkrb53-1.6.3-6.7mdv2009.0.i586.rpm
d605d6a2482a43395f7099900bff82f2 2009.0/i586/libkrb53-devel-1.6.3-6.7mdv2009.0.i586.rpm
462f1389fe4095a4c4f0f6207672f2f3 2009.0/i586/telnet-client-krb5-1.6.3-6.7mdv2009.0.i586.rpm
296db9f5769dde078cb94e6e0d82095a 2009.0/i586/telnet-server-krb5-1.6.3-6.7mdv2009.0.i586.rpm
2bad38c6316246a6dc19064862355946 2009.0/SRPMS/krb5-1.6.3-6.7mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
874d1f1e9d08f0fd037dafb02f27e25a 2009.0/x86_64/ftp-client-krb5-1.6.3-6.7mdv2009.0.x86_64.rpm
809e11d3f613310a554cc410b265340a 2009.0/x86_64/ftp-server-krb5-1.6.3-6.7mdv2009.0.x86_64.rpm
1cba00d3b76c822327e475f65b8eb297 2009.0/x86_64/krb5-1.6.3-6.7mdv2009.0.x86_64.rpm
2cec696b37dca1c6838f22e6d15be960 2009.0/x86_64/krb5-server-1.6.3-6.7mdv2009.0.x86_64.rpm
2e5224b06920992dd089155524f59a84 2009.0/x86_64/krb5-workstation-1.6.3-6.7mdv2009.0.x86_64.rpm
cc71b41dd2694b64ae0bd0a29f5901ae 2009.0/x86_64/lib64krb53-1.6.3-6.7mdv2009.0.x86_64.rpm
570353d6ce78ce9df326002439caec90 2009.0/x86_64/lib64krb53-devel-1.6.3-6.7mdv2009.0.x86_64.rpm
fac2a3ec4699ea5468edd525581c176c 2009.0/x86_64/telnet-client-krb5-1.6.3-6.7mdv2009.0.x86_64.rpm
c6101ff519432a473fe54813dee91920 2009.0/x86_64/telnet-server-krb5-1.6.3-6.7mdv2009.0.x86_64.rpm
2bad38c6316246a6dc19064862355946 2009.0/SRPMS/krb5-1.6.3-6.7mdv2009.0.src.rpm

Mandriva Linux 2010.0:
d5b2da171f65a6b7ac3e60e01e4d1712 2010.0/i586/ftp-client-krb5-1.6.3-10.5mdv2010.0.i586.rpm
27ae96d163768f10187a40eca4f754d2 2010.0/i586/ftp-server-krb5-1.6.3-10.5mdv2010.0.i586.rpm
498c4f101072718c07c2b7639d9d814d 2010.0/i586/krb5-1.6.3-10.5mdv2010.0.i586.rpm
afdbc93b50cb27f0cede08efc9e3bc61 2010.0/i586/krb5-server-1.6.3-10.5mdv2010.0.i586.rpm
6f8b0b82cb75fdf87f25eb123a65fdcf 2010.0/i586/krb5-workstation-1.6.3-10.5mdv2010.0.i586.rpm
4273fddffc5937d7b026051eb7078a6d 2010.0/i586/libkrb53-1.6.3-10.5mdv2010.0.i586.rpm
65b924acbef7b5c7d1c5cfee4b050f89 2010.0/i586/libkrb53-devel-1.6.3-10.5mdv2010.0.i586.rpm
1c2d6cbdcffb7a34fb8ad3771d5ca037 2010.0/i586/telnet-client-krb5-1.6.3-10.5mdv2010.0.i586.rpm
3b562494dcadb73e4b92ce1f3e028c82 2010.0/i586/telnet-server-krb5-1.6.3-10.5mdv2010.0.i586.rpm
ba422d1791aa61edbd91c90e544e216b 2010.0/SRPMS/krb5-1.6.3-10.5mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
893e5137d26a641a661495f8faa9d0f5 2010.0/x86_64/ftp-client-krb5-1.6.3-10.5mdv2010.0.x86_64.rpm
086f6d9a7614e866c813da5d3d92fde7 2010.0/x86_64/ftp-server-krb5-1.6.3-10.5mdv2010.0.x86_64.rpm
3402310b1f1717057f09ee11985d4aa6 2010.0/x86_64/krb5-1.6.3-10.5mdv2010.0.x86_64.rpm
e0ec3c4ef7ac973fa938152aaaf53a29 2010.0/x86_64/krb5-server-1.6.3-10.5mdv2010.0.x86_64.rpm
499e66ced99df6f4bc037abccb80e025 2010.0/x86_64/krb5-workstation-1.6.3-10.5mdv2010.0.x86_64.rpm
125db3395bdf7efeaccf1316e6ed82d3 2010.0/x86_64/lib64krb53-1.6.3-10.5mdv2010.0.x86_64.rpm
e76d507737e1f700a1525465e0521ddd 2010.0/x86_64/lib64krb53-devel-1.6.3-10.5mdv2010.0.x86_64.rpm
445d12b6d5a017d1d7be171c405177e6 2010.0/x86_64/telnet-client-krb5-1.6.3-10.5mdv2010.0.x86_64.rpm
4f70e288a102af2b67738fad436715fc 2010.0/x86_64/telnet-server-krb5-1.6.3-10.5mdv2010.0.x86_64.rpm
ba422d1791aa61edbd91c90e544e216b 2010.0/SRPMS/krb5-1.6.3-10.5mdv2010.0.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNUo9BmqjQ0CJFipgRAmMoAKDFB46juPm6JexkKwC8TD5inxiIrQCfRra9
+o6dlSIfW5r4AX2DNw/cjdA=
=R4xv
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close