---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: SUSE update for krb5 SECUNIA ADVISORY ID: SA25911 VERIFY ADVISORY: http://secunia.com/advisories/25911/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: openSUSE 10.2 http://secunia.com/product/13375/ SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ DESCRIPTION: SUSE has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to compromise a vulnerable system. For more information: SA25800 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-1.5.1-23.6.i586.rpm dc2fa8951dada9f5682fe449dc385e2d ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-devel-1.5.1-23.6.i586.rpm dd2d611d86a420e45f5cacce9d7fdec1 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-server-1.5.1-23.6.i586.rpm 5daa3fedc4198ebb7b4d0a8127bed8ed SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-1.4.3-19.22.i586.rpm 09da59a0aaafd6c8d22321752f2c38d3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-devel-1.4.3-19.22.i586.rpm 0840fcc71f5b4e97beb835e0e25dedbc ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-server-1.4.3-19.22.i586.rpm 9d23419758f2b0a69ba143dbacbc9f0a SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-1.4.1-5.7.i586.rpm 32b71e707e4ec85b0eee500de51a89cf ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-devel-1.4.1-5.7.i586.rpm f71c6582dcb3a74a804a4143ff6f48c3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-server-1.4.1-5.7.i586.rpm 22b2f9c5cc94918a58c8c5e1b4d6296d Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-1.5.1-23.6.ppc.rpm cdf7854a981af8b5b9e4ad5d0eca9c7d ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-devel-1.5.1-23.6.ppc.rpm 5aba32af56d726c3616cc4260a69a848 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-server-1.5.1-23.6.ppc.rpm a1ab8842ba74f4b2a3e2cba56d730556 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-1.4.3-19.22.ppc.rpm aa13e756476c571bdb9d1f909ffdd2d9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-devel-1.4.3-19.22.ppc.rpm c121580b3e9392f8de76efda8d5dd551 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-server-1.4.3-19.22.ppc.rpm aabf1f7df56922b01d67213af2cfc0af SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/krb5-1.4.1-5.7.ppc.rpm 069361f8698af89dc366bf3d2cdf7239 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/krb5-devel-1.4.1-5.7.ppc.rpm e440e4b49b571b8bf9ebf0f9200d29c3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/krb5-server-1.4.1-5.7.ppc.rpm 4188e3334beceefce3cab6aa8429a16c x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-1.5.1-23.6.x86_64.rpm edff62bb110662ee8a16f51b69c684c2 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-32bit-1.5.1-23.6.x86_64.rpm af81d30ce34ee7c0c708a8c0f17d81a5 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-1.5.1-23.6.x86_64.rpm 7d204e67fa211a528acedd6980925686 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-32bit-1.5.1-23.6.x86_64.rpm 8036b0e78e1fea05e895b7d2c5717538 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-server-1.5.1-23.6.x86_64.rpm 14238f108e2375205961a73ec15ecbde SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-1.4.3-19.22.x86_64.rpm 0c46b69cf856956753908711a391ca3c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-32bit-1.4.3-19.22.x86_64.rpm cd9562c71d1439f9ea1b7fd29b2a2a15 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-1.4.3-19.22.x86_64.rpm 624a0d8362e07050d705642f12e6109e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-32bit-1.4.3-19.22.x86_64.rpm 30cd873aa47a0006d5e402e2280d311f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-server-1.4.3-19.22.x86_64.rpm 6149c3d8873ebbdf0549f74eabd61a0e SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-1.4.1-5.7.x86_64.rpm eaf8552be5695919d2d7a058339c4d1f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-32bit-1.4.1-5.7.x86_64.rpm 146f189e550f82bc987cde96a0b13086 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-devel-1.4.1-5.7.x86_64.rpm 5bd145009778a85a0e8d26f58cf976c6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-devel-32bit-1.4.1-5.7.x86_64.rpm 21418e68ed403d5bc822e8e31473bc57 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-server-1.4.1-5.7.x86_64.rpm 2c55efe366234d32d547c85ffe3e78a2 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/krb5-1.5.1-23.6.src.rpm e3a6f207ca990afd58afec40b3b08aea SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/krb5-1.4.3-19.22.src.rpm a29ba835ba013e45102b136d7c0f89a8 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/krb5-1.4.1-5.7.src.rpm b4a34b1b66194f86cd6163aa9a5879b4 SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/b25610d8b470e16c60af96095d35faae.html SLE SDK 10 SP1 http://support.novell.com/techcenter/psdb/b25610d8b470e16c60af96095d35faae.html SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/b25610d8b470e16c60af96095d35faae.html ORIGINAL ADVISORY: http://www.novell.com/linux/security/advisories/2007_38_krb5.html OTHER REFERENCES: SA25800: http://secunia.com/advisories/25800/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------