-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2007:137 http://www.mandriva.com/security/ _______________________________________________________________________ Package : krb5 Date : June 26, 2007 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 _______________________________________________________________________ Problem Description: David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code (CVE-2007-2442). David Coffey also discovered an overflow flaw in the same RPC library. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code (CVE-2007-2443). Finally, a stack buffer overflow vulnerability was found in kadmind that allowed an unauthenticated user able to access kadmind the ability to trigger the vulnerability and possibly execute arbitrary code (CVE-2007-2798). Updated packages have been patched to prevent this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.0: c40e0406d699b6462958ba826bc07b0f 2007.0/i586/ftp-client-krb5-1.4.3-6.2mdv2007.0.i586.rpm 277d33c0658a89d6cb84cb1f59c92c26 2007.0/i586/ftp-server-krb5-1.4.3-6.2mdv2007.0.i586.rpm 113dac274e1114a18cc98574751bce78 2007.0/i586/krb5-server-1.4.3-6.2mdv2007.0.i586.rpm e8cdd1aabdf760187281469abe2652ba 2007.0/i586/krb5-workstation-1.4.3-6.2mdv2007.0.i586.rpm c7e9a8326e18ea7f0b410422f3a6606e 2007.0/i586/libkrb53-1.4.3-6.2mdv2007.0.i586.rpm a0adaedd79d3277d2854e8ca090f209d 2007.0/i586/libkrb53-devel-1.4.3-6.2mdv2007.0.i586.rpm 6150e3f69a9d45e045933c8d26a2ba31 2007.0/i586/telnet-client-krb5-1.4.3-6.2mdv2007.0.i586.rpm d31790fb758cc166a014ecc8d4add4ec 2007.0/i586/telnet-server-krb5-1.4.3-6.2mdv2007.0.i586.rpm 8ddcbd575ad6a4e62439b3703ad3c7ce 2007.0/SRPMS/krb5-1.4.3-6.2mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: 4b4b657644f4cd0c7c33120c761b726a 2007.0/x86_64/ftp-client-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm 18039af3abc4be030a77e90394a88a32 2007.0/x86_64/ftp-server-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm 320c60b4082483bd985e30b2cd0fe6a4 2007.0/x86_64/krb5-server-1.4.3-6.2mdv2007.0.x86_64.rpm 8a7244f4a692acbdca04876c1e46d005 2007.0/x86_64/krb5-workstation-1.4.3-6.2mdv2007.0.x86_64.rpm 0166bcd0000d113fa384f0203e076bd5 2007.0/x86_64/lib64krb53-1.4.3-6.2mdv2007.0.x86_64.rpm 071527893b9eba78d4ed36fbe3cf7420 2007.0/x86_64/lib64krb53-devel-1.4.3-6.2mdv2007.0.x86_64.rpm f2e098076719090d0a6770120cd30cc8 2007.0/x86_64/telnet-client-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm 244dd2dfed4c33af6c5c407f9e748696 2007.0/x86_64/telnet-server-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm 8ddcbd575ad6a4e62439b3703ad3c7ce 2007.0/SRPMS/krb5-1.4.3-6.2mdv2007.0.src.rpm Mandriva Linux 2007.1: 0e97e3acc4d6576ec1056b84bf56d0f0 2007.1/i586/ftp-client-krb5-1.5.2-6.3mdv2007.1.i586.rpm a925df48618989379f3e2033a63574fa 2007.1/i586/ftp-server-krb5-1.5.2-6.3mdv2007.1.i586.rpm 5b5bbdf3ce50e207bb8af9b51e870566 2007.1/i586/krb5-server-1.5.2-6.3mdv2007.1.i586.rpm 7a0ec635b839a1bd581f4d66b4ced6ac 2007.1/i586/krb5-workstation-1.5.2-6.3mdv2007.1.i586.rpm d4471551ede1911b808a9727806dae2e 2007.1/i586/libkrb53-1.5.2-6.3mdv2007.1.i586.rpm 933ed747e6aa73bf183dd8e7a08a6f46 2007.1/i586/libkrb53-devel-1.5.2-6.3mdv2007.1.i586.rpm abadf7a96beb3d8dcce72610f58a8c06 2007.1/i586/telnet-client-krb5-1.5.2-6.3mdv2007.1.i586.rpm c66b3a784087e698037e143fa95ee0c1 2007.1/i586/telnet-server-krb5-1.5.2-6.3mdv2007.1.i586.rpm ea1893535e462dd1919bd0abedbed87e 2007.1/SRPMS/krb5-1.5.2-6.3mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: 47e94578a13f82a20f4d000f8392eb02 2007.1/x86_64/ftp-client-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm 50b2d99b55411b4a721c3a613ad5ba2a 2007.1/x86_64/ftp-server-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm 27fcedcfa2741bf0f8049a4cc176bd81 2007.1/x86_64/krb5-server-1.5.2-6.3mdv2007.1.x86_64.rpm 5839bb7446c0f6f999f141f8b27bd08a 2007.1/x86_64/krb5-workstation-1.5.2-6.3mdv2007.1.x86_64.rpm 8e7315638bab378e0257cb89a2aa69e8 2007.1/x86_64/lib64krb53-1.5.2-6.3mdv2007.1.x86_64.rpm 27aaf37c6e64f000cc5b98d3ffb81700 2007.1/x86_64/lib64krb53-devel-1.5.2-6.3mdv2007.1.x86_64.rpm dc945c4871d314bc3eff2d3bfe51d8d2 2007.1/x86_64/telnet-client-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm e702159871325f6e4eae2ba4eda4b1fa 2007.1/x86_64/telnet-server-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm ea1893535e462dd1919bd0abedbed87e 2007.1/SRPMS/krb5-1.5.2-6.3mdv2007.1.src.rpm Corporate 3.0: f0547c5bf734e1e4e7ebdaaa45643183 corporate/3.0/i586/ftp-client-krb5-1.3-6.9.C30mdk.i586.rpm e47318f20875193315c2f90a0aa73893 corporate/3.0/i586/ftp-server-krb5-1.3-6.9.C30mdk.i586.rpm 0c2b238bd3597f7207bf3a3ab3659364 corporate/3.0/i586/krb5-server-1.3-6.9.C30mdk.i586.rpm dd4b1f9a85a297fbc03b8d2f38c6e43b corporate/3.0/i586/krb5-workstation-1.3-6.9.C30mdk.i586.rpm 1590e1a8231e0b5bfcbbdfaaa2832ed4 corporate/3.0/i586/libkrb51-1.3-6.9.C30mdk.i586.rpm ec4d5de3a00caca779eec5d41d514e14 corporate/3.0/i586/libkrb51-devel-1.3-6.9.C30mdk.i586.rpm 3ff052270404ba6ee2649b11f3fef987 corporate/3.0/i586/telnet-client-krb5-1.3-6.9.C30mdk.i586.rpm afed9d2d655fd6a8b84b270c7c02bb27 corporate/3.0/i586/telnet-server-krb5-1.3-6.9.C30mdk.i586.rpm 2457d3a60e45048a670ccfdcc0ecb378 corporate/3.0/SRPMS/krb5-1.3-6.9.C30mdk.src.rpm Corporate 3.0/X86_64: d97ee0f157987a221b80d9136ece289d corporate/3.0/x86_64/ftp-client-krb5-1.3-6.9.C30mdk.x86_64.rpm c5684ae9f26b06083b96364d27cc6b17 corporate/3.0/x86_64/ftp-server-krb5-1.3-6.9.C30mdk.x86_64.rpm c76727d14b575a3d95c626230fb36e21 corporate/3.0/x86_64/krb5-server-1.3-6.9.C30mdk.x86_64.rpm d997ead69ebc1259cff22e0f95cd94b2 corporate/3.0/x86_64/krb5-workstation-1.3-6.9.C30mdk.x86_64.rpm 940488184a42d9488083f8505cf51f31 corporate/3.0/x86_64/lib64krb51-1.3-6.9.C30mdk.x86_64.rpm 6380542588680c89410735ffe7e4187c corporate/3.0/x86_64/lib64krb51-devel-1.3-6.9.C30mdk.x86_64.rpm ad90e57cc1a38053b80dc992fb7e9821 corporate/3.0/x86_64/telnet-client-krb5-1.3-6.9.C30mdk.x86_64.rpm 88bff515db340c5ba1941d7911061df9 corporate/3.0/x86_64/telnet-server-krb5-1.3-6.9.C30mdk.x86_64.rpm 2457d3a60e45048a670ccfdcc0ecb378 corporate/3.0/SRPMS/krb5-1.3-6.9.C30mdk.src.rpm Corporate 4.0: efddcdd277b1aabfe333628806fe0760 corporate/4.0/i586/ftp-client-krb5-1.4.3-5.3.20060mlcs4.i586.rpm 726aacc0586b726a411b02b0c95f1fa9 corporate/4.0/i586/ftp-server-krb5-1.4.3-5.3.20060mlcs4.i586.rpm 82f95b50e28a98b39e02a5c3911a2b92 corporate/4.0/i586/krb5-server-1.4.3-5.3.20060mlcs4.i586.rpm 7c181fd1bc3f55f80f82b96301bb19cb corporate/4.0/i586/krb5-workstation-1.4.3-5.3.20060mlcs4.i586.rpm 2aae375fed863e40005547b81f4d6899 corporate/4.0/i586/libkrb53-1.4.3-5.3.20060mlcs4.i586.rpm 3b4b780acd51067ec8b3f83d13838bf4 corporate/4.0/i586/libkrb53-devel-1.4.3-5.3.20060mlcs4.i586.rpm 000a146dc869c4fc6bcb02b9ac6eaae1 corporate/4.0/i586/telnet-client-krb5-1.4.3-5.3.20060mlcs4.i586.rpm 34403d6595fc096d7e6b09d8e50ad7de corporate/4.0/i586/telnet-server-krb5-1.4.3-5.3.20060mlcs4.i586.rpm f500eec032ef1404ae965d3a7b25bdb4 corporate/4.0/SRPMS/krb5-1.4.3-5.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: 1ce29ebf6d7a319ab53350e38a8ef3af corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm 9df889b6fccdb1f5660a6ac1c1e019ac corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm 9dca2e1f57ca43a8c0f392c4f8cdea40 corporate/4.0/x86_64/krb5-server-1.4.3-5.3.20060mlcs4.x86_64.rpm 8e6b55bef97e7c0109c02d7caca2c434 corporate/4.0/x86_64/krb5-workstation-1.4.3-5.3.20060mlcs4.x86_64.rpm 32bc813142a311d128ac00437f9bbc6b corporate/4.0/x86_64/lib64krb53-1.4.3-5.3.20060mlcs4.x86_64.rpm e08ce03ada5d6378509df0ba897a2b28 corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.3.20060mlcs4.x86_64.rpm 7d6e28c5837e5e3d1f57d3170209efa5 corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm bc4796289d578b2fd226e26fd2e05765 corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm f500eec032ef1404ae965d3a7b25bdb4 corporate/4.0/SRPMS/krb5-1.4.3-5.3.20060mlcs4.src.rpm Multi Network Firewall 2.0: 387a140e280b355674318964905fc506 mnf/2.0/i586/libkrb51-1.3-6.9.M20mdk.i586.rpm 8100f18f25a150efc52414692e456b49 mnf/2.0/SRPMS/krb5-1.3-6.9.M20mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGga9JmqjQ0CJFipgRAuwPAJ9WZHyIKqGp2Zd3THW9I4FrnMiXHQCeK3Ix aBJaUBpAxTQBi97q3ZfFNkk= =x9wE -----END PGP SIGNATURE-----