Posted: Mon Sep 06, 2004 12:42 pm Post subject: [ GLSA 200409-09 ] MIT krb5: Multiple vulnerabilities
Gentoo Linux Security Advisory
Title: MIT krb5: Multiple vulnerabilities (GLSA 200409-09)
Date: September 06, 2004
MIT krb5 contains several double-free vulnerabilities, potentially allowing the execution of arbitrary code, as well as a denial of service vulnerability.
MIT krb5 is the free implementation of the Kerberos network authentication protocol by the Massachusetts Institute of Technology.
Vulnerable: < 1.3.4
Unaffected: >= 1.3.4
Architectures: All supported architectures
The implementation of the Key Distribution Center (KDC) and the MIT krb5 library contain double-free vulnerabilities, making client programs as well as application servers vulnerable. The ASN.1 decoder library is vulnerable to a denial of service attack, which also affects the KDC.
The double-free vulnerabilities could allow an attacker to execute arbitrary code on a KDC host and on hosts running krb524d or vulnerable services. In the case of a KDC host, this can lead to a compromise of the entire Kerberos realm. Furthermore, an attacker impersonating a legitimate KDC or application server can potentially execute arbitrary code on authenticating clients. An attacker can also cause a denial of service against a KDC or application server, and against clients if the attacker impersonates a legitimate KDC or application server.
There is no known workaround at this time.
All mit-krb5 users should upgrade to the latest stable version:
# emerge sync
# emerge -pv ">=app-crypt/mit-krb5-1.3.4"
# emerge ">=app-crypt/mit-krb5-1.3.4"
MIT krb5 Security Advisory 2004-002
MIT krb5 Security Advisory 2004-003
Last edited by GLSA on Sun May 07, 2006 4:52 pm; edited 1 time in total
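
A check that could be run over a package inventory to find hosts still below the fixed version; this is an added example, not part of the advisory. The inventory format, host names and sample atoms are constructed, and the version comparison is a simplification of Portage's ordering rules: versions it cannot parse are reported as unknown rather than guessed.

```python
import re

PACKAGE = "app-crypt/mit-krb5"   # package atom named in the advisory
FIXED = (1, 3, 4)                # advisory: vulnerable < 1.3.4, unaffected >= 1.3.4

# Plain dotted-numeric version with an optional Gentoo revision (-rN).
# Components with leading zeros, letters or suffixes such as _rc1 are not
# parsed: Portage orders those by extra rules this sketch does not implement.
VER_RE = re.compile(r"^((?:0|[1-9]\d*)(?:\.(?:0|[1-9]\d*))*)(?:-r\d+)?$")


def classify(atom):
    """Return 'vulnerable', 'unaffected', 'unknown', or None for other packages."""
    atom = atom.strip().lstrip("=")
    prefix = PACKAGE + "-"
    if not atom.startswith(prefix):
        return None
    match = VER_RE.match(atom[len(prefix):])
    if match is None:
        return "unknown"  # do not guess; review this host by hand
    parts = tuple(int(p) for p in match.group(1).split("."))
    # The revision never matters here: every 1.3.3-rN sorts below 1.3.4
    # and every 1.3.4-rN sorts at or above it.
    return "vulnerable" if parts < FIXED else "unaffected"


def hosts_needing_action(inventory):
    """Map host -> status for hosts whose mit-krb5 is vulnerable or unknown."""
    result = {}
    for host, atom in inventory:
        status = classify(atom)
        if status in ("vulnerable", "unknown"):
            result[host] = status
    return result


# Constructed sample inventory: (host, installed package atom).
SAMPLE = [
    ("kdc1", "app-crypt/mit-krb5-1.3.3-r1"),
    ("app2", "app-crypt/mit-krb5-1.3.4"),
    ("ws7", "app-crypt/mit-krb5-1.3.4_rc1"),
    ("ws8", "net-misc/openssh-3.8.1_p1"),
]

if __name__ == "__main__":
    for host, status in sorted(hosts_needing_action(SAMPLE).items()):
        print(f"{host}: {status}")
```

Hosts reported as unknown should be checked by hand, and KDC hosts deserve priority because the advisory ties their compromise to the whole realm.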