what you don't know can hurt you

Mandriva Linux Security Advisory 2011-025

Mandriva Linux Security Advisory 2011-025
Posted Feb 10, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-025 - The MIT krb5 KDC database propagation daemon is vulnerable to a denial-of-service attack triggered by invalid network input. If a kpropd worker process receives invalid input that causes it to exit with an abnormal status, it can cause the termination of the listening process that spawned it, preventing the slave KDC it was running on From receiving database updates from the master KDC. The MIT krb5 Key Distribution Center daemon is vulnerable to denial of service attacks from unauthenticated remote attackers. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2010-4022, CVE-2011-0281, CVE-2011-0282
MD5 | 7b526947f7ae90f2ca47e7ea2fd3b474

Mandriva Linux Security Advisory 2011-025

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:025
http://www.mandriva.com/security/
_______________________________________________________________________

Package : krb5
Date : January 9, 2011
Affected: 2010.1, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities were discovered and corrected in krb5:

The MIT krb5 KDC database propagation daemon (kpropd) is vulnerable to
a denial-of-service attack triggered by invalid network input. If a
kpropd worker process receives invalid input that causes it to exit
with an abnormal status, it can cause the termination of the listening
process that spawned it, preventing the slave KDC it was running on
From receiving database updates from the master KDC (CVE-2010-4022).

The MIT krb5 Key Distribution Center (KDC) daemon is vulnerable
to denial of service attacks from unauthenticated remote attackers
(CVE-2011-0281, CVE-2011-0282).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0282
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-001.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
4257cc617b96c71c95256eab33442bc2 2010.1/i586/krb5-1.8.1-5.3mdv2010.2.i586.rpm
025655b729ac32712c54f801849e93c2 2010.1/i586/krb5-pkinit-openssl-1.8.1-5.3mdv2010.2.i586.rpm
b690a8719f533a29ae7f92397b8c89fd 2010.1/i586/krb5-server-1.8.1-5.3mdv2010.2.i586.rpm
60cf99234bd79802947425404eb4493b 2010.1/i586/krb5-server-ldap-1.8.1-5.3mdv2010.2.i586.rpm
adab88a879966d2a0daf4d17bfd288fc 2010.1/i586/krb5-workstation-1.8.1-5.3mdv2010.2.i586.rpm
a481d252c831d40de9d7ccf00403105e 2010.1/i586/libkrb53-1.8.1-5.3mdv2010.2.i586.rpm
b031d51a205194decf50c5187e0d0e50 2010.1/i586/libkrb53-devel-1.8.1-5.3mdv2010.2.i586.rpm
a2e5bcabf3633d6f32c214b03f1252eb 2010.1/SRPMS/krb5-1.8.1-5.3mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
586ecee11e45dc3266f172a58169a945 2010.1/x86_64/krb5-1.8.1-5.3mdv2010.2.x86_64.rpm
d9418b6bfe4aff10c9de32d08a4cd4fc 2010.1/x86_64/krb5-pkinit-openssl-1.8.1-5.3mdv2010.2.x86_64.rpm
31a9d6629d25eea120fbd11853e25e0c 2010.1/x86_64/krb5-server-1.8.1-5.3mdv2010.2.x86_64.rpm
7fd34307e298b4f47970d3c77851ecdb 2010.1/x86_64/krb5-server-ldap-1.8.1-5.3mdv2010.2.x86_64.rpm
42552d1978fc6e66c3d7138da59b103d 2010.1/x86_64/krb5-workstation-1.8.1-5.3mdv2010.2.x86_64.rpm
362506d043aa087dcb743a0a3aa4f687 2010.1/x86_64/lib64krb53-1.8.1-5.3mdv2010.2.x86_64.rpm
f5f376d22fe98cdb7ec542c9a917873a 2010.1/x86_64/lib64krb53-devel-1.8.1-5.3mdv2010.2.x86_64.rpm
a2e5bcabf3633d6f32c214b03f1252eb 2010.1/SRPMS/krb5-1.8.1-5.3mdv2010.2.src.rpm

Mandriva Enterprise Server 5:
9195a6f446623619ecca9433108b8ce2 mes5/i586/krb5-1.8.1-0.4mdvmes5.1.i586.rpm
d0de4724705b78ebaccdc0f1e332bdc0 mes5/i586/krb5-pkinit-openssl-1.8.1-0.4mdvmes5.1.i586.rpm
c573a00957ba2f5c9f813bf66d2639b6 mes5/i586/krb5-server-1.8.1-0.4mdvmes5.1.i586.rpm
d8e5bb51f39680e0e034864f3c7ab389 mes5/i586/krb5-server-ldap-1.8.1-0.4mdvmes5.1.i586.rpm
a6d37c289467daf9ec6be7386fd08804 mes5/i586/krb5-workstation-1.8.1-0.4mdvmes5.1.i586.rpm
5fe3268dc275b2255503b45b9dad1710 mes5/i586/libkrb53-1.8.1-0.4mdvmes5.1.i586.rpm
9fa6291f9bcf123e151743681c197e20 mes5/i586/libkrb53-devel-1.8.1-0.4mdvmes5.1.i586.rpm
f3636ce525a3743da670335fad739b4d mes5/SRPMS/krb5-1.8.1-0.4mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
e8f92b4b8d9e80929bc40df9398e7407 mes5/x86_64/krb5-1.8.1-0.4mdvmes5.1.x86_64.rpm
c7c9cc07256630ad3580ac8af6fd1731 mes5/x86_64/krb5-pkinit-openssl-1.8.1-0.4mdvmes5.1.x86_64.rpm
da836bd502a81c68e486a59e0dc59576 mes5/x86_64/krb5-server-1.8.1-0.4mdvmes5.1.x86_64.rpm
1b4f41d239d1e17b460711961a4be093 mes5/x86_64/krb5-server-ldap-1.8.1-0.4mdvmes5.1.x86_64.rpm
0f63908285e6aba326b1af6b40456385 mes5/x86_64/krb5-workstation-1.8.1-0.4mdvmes5.1.x86_64.rpm
a8d6ded793ecdfd542557a2ce625f212 mes5/x86_64/lib64krb53-1.8.1-0.4mdvmes5.1.x86_64.rpm
3ad9fe51b83ba903dd347aae73bd8e09 mes5/x86_64/lib64krb53-devel-1.8.1-0.4mdvmes5.1.x86_64.rpm
f3636ce525a3743da670335fad739b4d mes5/SRPMS/krb5-1.8.1-0.4mdvmes5.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNUp/qmqjQ0CJFipgRAg0nAJwO+ObUmGm8k1KR4skSGzTYl8SYCACeIiio
Qpo7J6nxtEPLAtCuOk53zwk=
=TsGk
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close