-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2013:157 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : krb5 Date : April 30, 2013 Affected: Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been discovered and corrected in krb5: The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request (CVE-2013-1415). The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request (CVE-2013-1416). The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: b0468b389b1e175acf762a21823aa870 mes5/i586/krb5-1.8.1-0.10mdvmes5.2.i586.rpm f6f34e48c32e7372262387ee0f8a6d6d mes5/i586/krb5-pkinit-openssl-1.8.1-0.10mdvmes5.2.i586.rpm 49f04f126409a7c7524dd84bd576513a mes5/i586/krb5-server-1.8.1-0.10mdvmes5.2.i586.rpm 763e9df7e32acdf9036e835822ddd337 mes5/i586/krb5-server-ldap-1.8.1-0.10mdvmes5.2.i586.rpm ab890e3c1524d97c930f3878437893ee mes5/i586/krb5-workstation-1.8.1-0.10mdvmes5.2.i586.rpm fa03c5d3e3672d61acd9ae43c610e015 mes5/i586/libkrb53-1.8.1-0.10mdvmes5.2.i586.rpm 7b4d78d59d007dbe82d8827999e2ddc5 mes5/i586/libkrb53-devel-1.8.1-0.10mdvmes5.2.i586.rpm d3630020107ecd02a73e7f329db767bf mes5/SRPMS/krb5-1.8.1-0.10mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: eb2e6ec461ee09d091851697b40e3b2c mes5/x86_64/krb5-1.8.1-0.10mdvmes5.2.x86_64.rpm 6c583fdc171bc22d8dde7a424f025d3a mes5/x86_64/krb5-pkinit-openssl-1.8.1-0.10mdvmes5.2.x86_64.rpm e83a30d3f387d251b319008c03f2e3b6 mes5/x86_64/krb5-server-1.8.1-0.10mdvmes5.2.x86_64.rpm 2834b0d57d3a6736f70673c2db4d8e59 mes5/x86_64/krb5-server-ldap-1.8.1-0.10mdvmes5.2.x86_64.rpm f69261c7cad2c08af623c3551da65255 mes5/x86_64/krb5-workstation-1.8.1-0.10mdvmes5.2.x86_64.rpm 8944f84aa13359ee37be6222857b8fae mes5/x86_64/lib64krb53-1.8.1-0.10mdvmes5.2.x86_64.rpm 5348e078ac132dac87fd6a124c60e41f mes5/x86_64/lib64krb53-devel-1.8.1-0.10mdvmes5.2.x86_64.rpm d3630020107ecd02a73e7f329db767bf mes5/SRPMS/krb5-1.8.1-0.10mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFRf4XYmqjQ0CJFipgRAh9qAJ0WakvqUdyy6cT7Ko5HL+j4qEoaMgCeNEr+ QLOf3UulKKzZNT6HQ+M0ttA= =9L+Q -----END PGP SIGNATURE-----