[USN-1116-1] Kerberos vulnerability

看板Bugtraq作者kees.時間15年前 (2011/04/21 02:01)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

--YhFoJY/gx7awiIuK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-1116-1 April 19, 2011 krb5 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 9.10 Summary: An unauthenticated remote user could crash the Kerberos service. Software Description: - krb5: MIT Kerberos services Details: Felipe Ortega discovered that kadmind did not correctly handle password changing error conditions. An unauthenticated remote attacker could exploit this to crash kadmind, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: krb5-admin-server 1.8.1+dfsg-5ubuntu0.7 Ubuntu 10.04 LTS: krb5-admin-server 1.8.1+dfsg-2ubuntu0.9 Ubuntu 9.10: krb5-admin-server 1.7dfsg~beta3-1ubuntu0.13 In general, a standard system update will make all the necessary changes. References: CVE-2011-0285 Package Information: https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-5ubuntu0.7 https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.9 https://launchpad.net/ubuntu/+source/krb5/1.7dfsg~beta3-1ubuntu0.13 --YhFoJY/gx7awiIuK Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook <kees@outflux.net> iQIcBAEBCgAGBQJNrgfzAAoJEIly9N/cbcAmvAMP/3T2/FAvp8ARFkCpXoL2xUsj 2EOt8F+RCHCt+wG0su3k8wgyrP7/wZLLYsQ1NGeb+b5amcfc+DZcF4vaj/qXqcrs vN4NHP2e7zMlLn/YSnLCuJbREcRGvawBW9LJGNB0bsNGXXK40/hJUVtR3vEkOMGJ YajPwlMFNSDoZym9bbR1PHsKXElM9slZ1IWr++MuMZBG4uFdUE6mltTf3lreazLQ QBctpoX3tQ8yQ2m1pxPO/96+9qGtQhHiabE0hFFMoCK7tZ3mmzfl8Q7NNa4aLfC4 j5j2FKbMoH304TgKOLJFnMNClnbkNVDXHJiL04nvrdkKOufbBXBevPFRm0DUosox 7Jt17lZVhpFHoDQPsdZtHRgAAPUmZBOSpu7I4a3//3T0kTkHf2T+27p7mdaZFuRB NiVs4QIaqiNK7UPoViKU16KqpRb/Lfi2CeaAoysg9r/uZGkq+q7W4gpDoOVLFOzH tRjRJ3sXEs+XI5AqS/0O+OhYnOATTFvo+EzqxxI4xPrUCg5o8FHMQ3bYSHenwfWV ZGH2IUXraYFyaxzZWK2puHMp2ebtF+xVEP3h07oc6CVm6aDDW6ljorpS3Kai7pWl TPcFI3SSEqipQa5xDg7NKvTIUFPmOijEmNVM/VGKe4MToumb1Hee8vOu5ip8zCQK GZBqU0eg3+KXPIo1lHf6 =4WTL -----END PGP SIGNATURE----- --YhFoJY/gx7awiIuK--

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 kees. 的文章

文章代碼(AID): #1DhnzXh_ (Bugtraq)