             __________________________________________________________

                       The U.S. Department of Energy
                   Computer Incident Advisory Capability
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

                              krb5 Security Update
                          [Red Hat RHSA-2007:0095-4]

April 4, 2007 14:00 GMT                                           Number R-193
[REVISED 4 Apr 2007]
[REVISED 19 Apr 2007]
[REVISED 23 May 2007]
[REVISED 30 May 2007]
[REVISED 31 Jul 2007]
______________________________________________________________________________
PROBLEM:       A flaw was found in the username handling of the MIT krb5
               telnet daemon (telnetd).

PLATFORM:      RHEL Desktop Workstation (v. 5 client)
               Red Hat Desktop (v. 3, v. 4)
               Red Hat Enterprise Linux (v. 5 server)
               Red Hat Enterprise Linux AS, ES, WS (v. 2.1, v. 3, v. 4)
               Red Hat Enterprise Linux Desktop (v. 5 client)
               Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
               MIT krb5
               Sun Enterprise Authentication Mechanism 1.0
               Debian GNU/Linux 3.1 alias sarge
               HP-UX B.11.11, B.11.23, and B.11.31 running the Kerberos Client
               software versions 1.3.5.05 and previous
               Solaris 8, 9, 10 Operating Systems
               SGI Advanced Linux Environment 3 ProPack 3

DAMAGE:        A remote attacker can log in as root without requiring a
               password.

SOLUTION:      Upgrade to the appropriate version.
______________________________________________________________________________
VULNERABILITY  The risk is MEDIUM. A remote attacker who can access the telnet
ASSESSMENT:    port of a target machine could log in as root without requiring
               a password.
______________________________________________________________________________
LINKS:
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/r-193.shtml
 ORIGINAL BULLETIN:  https://rhn.redhat.com/errata/RHSA-2007-0095.html
 ADDITIONAL LINKS:   MIT krb5 Security Advisory 2007-001
                     http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-001-telnetd.txt
                     MIT krb5 Security Advisory 2007-002
                     http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-002-syslog.txt
                     MIT krb5 Security Advisory 2007-003
                     http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-003.txt
                     Sun Alert ID: 102867
                     http://www.sunsolve.sun.com/search/document.do?assetkey=1-26-102867-1
                     Debian Security Advisory DSA-1276-1
                     http://www.debian.org/security/2007/dsa-1276
                     Visit Hewlett-Packard's Subscription Service for:
                     HPSBUX02217 SSRT071337 rev. 1
                     Sun Alert ID: 102930
                     http://www.sunsolve.sun.com/search/document.do?assetkey=1-26-102930-1
                     SGI Security Advisory 20070401-01-P Security Update #73
                     http://www.sgi.com/support/security/advisories.html
 CVE:                http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=
                     CVE-2007-0956
                     CVE-2007-0957
                     CVE-2007-1216
______________________________________________________________________________
REVISION HISTORY:
 04/04/2007 - revised R-193 to add links to the following Security Bulletins:
              MIT krb5 Security Advisory 2007-001; 2007-002; 2007-003; and
              Sun Alert ID: 102867.
 04/19/2007 - revised R-193 to add links to Debian Security Advisory DSA-1276-1
              for Debian GNU/Linux 3.1 alias sarge.
 05/23/2007 - revised R-193 to add a link to Hewlett-Packard's HPSBUX02217
              SSRT071337 rev. 1 for HP-UX B.11.11, B.11.23, and B.11.31 running
              the Kerberos Client software versions 1.3.5.05 and previous.
 05/30/2007 - revised R-193 to add a link to Sun Alert ID: 102930 for Solaris
              8, 9, 10 Operating Systems.
 07/31/2007 - revised R-193 to add a link to SGI Security Advisory
              20070401-01-P for SGI Advanced Linux Environment 3 ProPack 3.
[***** Start Red Hat RHSA-2007:0095-4 *****]

Critical: krb5 security update

Advisory:         RHSA-2007:0095-4
Type:             Security Advisory
Severity:         Critical
Issued on:        2007-04-03
Last updated on:  2007-04-03

Affected Products:
  RHEL Desktop Workstation (v. 5 client)
  Red Hat Desktop (v. 3)
  Red Hat Desktop (v. 4)
  Red Hat Enterprise Linux (v. 5 server)
  Red Hat Enterprise Linux AS (v. 2.1)
  Red Hat Enterprise Linux AS (v. 3)
  Red Hat Enterprise Linux AS (v. 4)
  Red Hat Enterprise Linux Desktop (v. 5 client)
  Red Hat Enterprise Linux ES (v. 2.1)
  Red Hat Enterprise Linux ES (v. 3)
  Red Hat Enterprise Linux ES (v. 4)
  Red Hat Enterprise Linux WS (v. 2.1)
  Red Hat Enterprise Linux WS (v. 3)
  Red Hat Enterprise Linux WS (v. 4)
  Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

OVAL:  com.redhat.rhsa-20070095.xml

CVEs (cve.mitre.org):
  CVE-2007-0956
  CVE-2007-0957
  CVE-2007-1216

Details

Updated krb5 packages that fix a number of issues are now available.

This update has been rated as having critical security impact by the Red Hat
Security Response Team.

Kerberos is a network authentication system which allows clients and servers
to authenticate to each other through use of symmetric encryption and a
trusted third party, the KDC.

A flaw was found in the username handling of the MIT krb5 telnet daemon
(telnetd). A remote attacker who can access the telnet port of a target
machine could log in as root without requiring a password. (CVE-2007-0956)

Note that the krb5 telnet daemon is not enabled by default in any version of
Red Hat Enterprise Linux. In addition, the default firewall rules block remote
access to the telnet port. This flaw does not affect the telnet daemon
distributed in the telnet-server package.

For users who have enabled the krb5 telnet daemon and have it accessible
remotely, this update should be applied immediately.

Whilst we are not aware at this time that the flaw is being actively
exploited, we have confirmed that the flaw is very easily exploitable.
This update also fixes two additional security issues:

Buffer overflows were found which affect the Kerberos KDC and the kadmin
server daemon. A remote attacker who can access the KDC could exploit this bug
to run arbitrary code with the privileges of the KDC or kadmin server
processes. (CVE-2007-0957)

A double-free flaw was found in the GSSAPI library used by the kadmin server
daemon. Red Hat Enterprise Linux 4 and 5 contain checks within glibc that
detect double-free flaws. Therefore, on Red Hat Enterprise Linux 4 and 5
successful exploitation of this issue can only lead to a denial of service.
Applications which use this library in earlier releases of Red Hat Enterprise
Linux may also be affected. (CVE-2007-1216)

All users are advised to update to these erratum packages which contain a
backported fix to correct these issues.

Red Hat would like to thank MIT and iDefense for reporting these
vulnerabilities.

Solution

The krb5 telnet daemon is an xinetd service. You can determine if krb5 telnetd
is enabled with the command:

  /sbin/chkconfig --list krb5-telnet

The output of this command will be "krb5-telnet on" if krb5 telnet is enabled.

krb5 telnet daemon can be immediately disabled with the command:

  /sbin/chkconfig krb5-telnet off

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)
--------------------------------------------------------------------------------

IA-32:
krb5-devel-1.5-23.i386.rpm            24f6ae2b75a877224f342de1aeec4023
krb5-server-1.5-23.i386.rpm           09a65148e9528c0f1f1ee2ae7d6f3574

x86_64:
krb5-devel-1.5-23.i386.rpm            24f6ae2b75a877224f342de1aeec4023
krb5-devel-1.5-23.x86_64.rpm          954d03b3a0954834768f7564e0e7e741
krb5-server-1.5-23.x86_64.rpm         b50e4fe195e2f236b45f7b22da01b8af

Red Hat Desktop (v. 3)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.2.7-61.src.rpm                 241aa2f84b51636920795b1d34897082

IA-32:
krb5-devel-1.2.7-61.i386.rpm          eaa32e453e972bf98827197c22bdb360
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-server-1.2.7-61.i386.rpm         5c0cdb59311fc4f27f0a14d095b587dd
krb5-workstation-1.2.7-61.i386.rpm    3ec0506072852c72d0014f0689ab1767

x86_64:
krb5-devel-1.2.7-61.x86_64.rpm        972fc297c47083dfaefaf1a8ea9ccab5
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-libs-1.2.7-61.x86_64.rpm         9542fea7dbd067e1975bc5366d736d91
krb5-server-1.2.7-61.x86_64.rpm       137c91d6c1a6ca8aa05fefac6bc36513
krb5-workstation-1.2.7-61.x86_64.rpm  4aa5731d9c0be30795581d104855c6c3

Red Hat Desktop (v. 4)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.3.4-46.src.rpm                 8ac2bf4e79c44334eccf011036807ba5

IA-32:
krb5-devel-1.3.4-46.i386.rpm          b567711dbaccedf883dbaacd01285388
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-server-1.3.4-46.i386.rpm         7a1e837828d09f1acc11a713f63aea39
krb5-workstation-1.3.4-46.i386.rpm    b32d2aeec3195125c9257b0e48737614

x86_64:
krb5-devel-1.3.4-46.x86_64.rpm        cfc02be36863f29841df446afdb8e7db
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-libs-1.3.4-46.x86_64.rpm         6703713f9a765367b16a925a3fd9c355
krb5-server-1.3.4-46.x86_64.rpm       29b872e3c0f0d6b2b74991411a5cca06
krb5-workstation-1.3.4-46.x86_64.rpm  7691da20ab235883310409a2c49397a7

Red Hat Enterprise Linux (v. 5 server)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.5-23.src.rpm                   19a3771be564d508b43e9d21ec28021f

IA-32:
krb5-devel-1.5-23.i386.rpm            24f6ae2b75a877224f342de1aeec4023
krb5-libs-1.5-23.i386.rpm             e996a6afe95019d0bcd41e6d3950bd92
krb5-server-1.5-23.i386.rpm           09a65148e9528c0f1f1ee2ae7d6f3574
krb5-workstation-1.5-23.i386.rpm      512ce44bca20f6f205f624131d9962da

IA-64:
krb5-devel-1.5-23.ia64.rpm            720833e90ed739dead106c84ae1d02b6
krb5-libs-1.5-23.i386.rpm             e996a6afe95019d0bcd41e6d3950bd92
krb5-libs-1.5-23.ia64.rpm             17578cac6d56991601349056a365cd69
krb5-server-1.5-23.ia64.rpm           9cb4df8461213cab353a79c7b9c785d4
krb5-workstation-1.5-23.ia64.rpm      46d09ec65f19ff797c891d7393077639

PPC:
krb5-devel-1.5-23.ppc.rpm             5893dd512388b98b08a27731aa5b0db0
krb5-devel-1.5-23.ppc64.rpm           2d84c188dbb9891bee4193ce0b630170
krb5-libs-1.5-23.ppc.rpm              8f61b1442a98cdb0b7f2c33c6f9c845a
krb5-libs-1.5-23.ppc64.rpm            28202a13540f51df7271b4906aeffee3
krb5-server-1.5-23.ppc.rpm            142642e400df7bc04dd2bb5dcc9104c0
krb5-workstation-1.5-23.ppc.rpm       f80012b463a41caa664ccd4889d6fe95

s390x:
krb5-devel-1.5-23.s390.rpm            abeac98b7058da644ab3313c95260fc8
krb5-devel-1.5-23.s390x.rpm           43d6a06420b97743ab4a3c2e90bf04ab
krb5-libs-1.5-23.s390.rpm             ea2483cae9d3e51eb64ac0d666f5c9ad
krb5-libs-1.5-23.s390x.rpm            4265bdd8290546ba7717709d61537e45
krb5-server-1.5-23.s390x.rpm          58c9038d7bd2defc09520d37240bd493
krb5-workstation-1.5-23.s390x.rpm     9f9d956d40fd3fdad018f5b335cbe72a

x86_64:
krb5-devel-1.5-23.i386.rpm            24f6ae2b75a877224f342de1aeec4023
krb5-devel-1.5-23.x86_64.rpm          954d03b3a0954834768f7564e0e7e741
krb5-libs-1.5-23.i386.rpm             e996a6afe95019d0bcd41e6d3950bd92
krb5-libs-1.5-23.x86_64.rpm           f9703e1dca02855ae83a2d6628d0fe4e
krb5-server-1.5-23.x86_64.rpm         b50e4fe195e2f236b45f7b22da01b8af
krb5-workstation-1.5-23.x86_64.rpm    a3969c5cb8d90e0d82f01a6899c6ce5a

Red Hat Enterprise Linux AS (v. 2.1)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.2.2-44.src.rpm                 8d63a222b9e449609a77bf20224bea5a

IA-32:
krb5-devel-1.2.2-44.i386.rpm          e4ec8cf6b9a1edd3e4a6f48f56741730
krb5-libs-1.2.2-44.i386.rpm           6a4de547b1bc9756638c27b85273a8d4
krb5-server-1.2.2-44.i386.rpm         2a8dba9616ab803761112245de87aad2
krb5-workstation-1.2.2-44.i386.rpm    a4f6fd148f0a88c5b9df569362ae9efd

IA-64:
krb5-devel-1.2.2-44.ia64.rpm          1638b9c05c1d7ec3ebfbe35ccef91b21
krb5-libs-1.2.2-44.ia64.rpm           f70770ddbaa2e729d66cfa65be97de00
krb5-server-1.2.2-44.ia64.rpm         64ee3aa6cb75d8cfefa33ed1b6bdf6bf
krb5-workstation-1.2.2-44.ia64.rpm    21795085e2bbfe0f522561ec894131a5

Red Hat Enterprise Linux AS (v. 3)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.2.7-61.src.rpm                 241aa2f84b51636920795b1d34897082

IA-32:
krb5-devel-1.2.7-61.i386.rpm          eaa32e453e972bf98827197c22bdb360
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-server-1.2.7-61.i386.rpm         5c0cdb59311fc4f27f0a14d095b587dd
krb5-workstation-1.2.7-61.i386.rpm    3ec0506072852c72d0014f0689ab1767

IA-64:
krb5-devel-1.2.7-61.ia64.rpm          bea06113679d91e1c267fa07d7591aee
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-libs-1.2.7-61.ia64.rpm           d17302e949fe07467399150361169956
krb5-server-1.2.7-61.ia64.rpm         089ab89df9e2457308910c50f05e23d4
krb5-workstation-1.2.7-61.ia64.rpm    89817c78ccf30b26849f3f70e1b9e1c4

PPC:
krb5-devel-1.2.7-61.ppc.rpm           9343ac9061b43c7a143d5744b53f66ff
krb5-libs-1.2.7-61.ppc.rpm            9bce14ed281a3452c9e3226d36880130
krb5-libs-1.2.7-61.ppc64.rpm          ecd888402225cd2ad2fccf9fae9e1b0a
krb5-server-1.2.7-61.ppc.rpm          51853eafc971447291b2761a2c6f5f2e
krb5-workstation-1.2.7-61.ppc.rpm     c5a976fb53f80c968a907cda0cf02ac1

s390:
krb5-devel-1.2.7-61.s390.rpm          104e090af79861261cf949fcf6513f32
krb5-libs-1.2.7-61.s390.rpm           9923121785df4d2f2237aa2f81590ebf
krb5-server-1.2.7-61.s390.rpm         c37c6dfae6bd4eb96e5a5a02b0eb0494
krb5-workstation-1.2.7-61.s390.rpm    acb769c65993e3e06e73494ea3f07fb6

s390x:
krb5-devel-1.2.7-61.s390x.rpm         b8ea39b450fc5a014ec0a893bca77223
krb5-libs-1.2.7-61.s390.rpm           9923121785df4d2f2237aa2f81590ebf
krb5-libs-1.2.7-61.s390x.rpm          caaff51b43eac165dbe1b5d7f7848498
krb5-server-1.2.7-61.s390x.rpm        05b786cb7f55619f88647663280c5731
krb5-workstation-1.2.7-61.s390x.rpm   bd1470c9bc29a07e49ab7b4492a51697

x86_64:
krb5-devel-1.2.7-61.x86_64.rpm        972fc297c47083dfaefaf1a8ea9ccab5
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-libs-1.2.7-61.x86_64.rpm         9542fea7dbd067e1975bc5366d736d91
krb5-server-1.2.7-61.x86_64.rpm       137c91d6c1a6ca8aa05fefac6bc36513
krb5-workstation-1.2.7-61.x86_64.rpm  4aa5731d9c0be30795581d104855c6c3

Red Hat Enterprise Linux AS (v. 4)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.3.4-46.src.rpm                 8ac2bf4e79c44334eccf011036807ba5

IA-32:
krb5-devel-1.3.4-46.i386.rpm          b567711dbaccedf883dbaacd01285388
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-server-1.3.4-46.i386.rpm         7a1e837828d09f1acc11a713f63aea39
krb5-workstation-1.3.4-46.i386.rpm    b32d2aeec3195125c9257b0e48737614

IA-64:
krb5-devel-1.3.4-46.ia64.rpm          7756cd881f328fa7671f219e82053434
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-libs-1.3.4-46.ia64.rpm           794211f95860e0d58f6f0bc7ab7c5946
krb5-server-1.3.4-46.ia64.rpm         1e7d50c026975d7da8e18ab8c154c65d
krb5-workstation-1.3.4-46.ia64.rpm    bcc973738369b6fb56ebc2fbe0fd0cd2

PPC:
krb5-devel-1.3.4-46.ppc.rpm           992da8e092120ea3b2356fbd192b4c7b
krb5-libs-1.3.4-46.ppc.rpm            3cda5943b0084444f671437181a8f9f6
krb5-libs-1.3.4-46.ppc64.rpm          8e768b63cec8e5d9b8e69e9f21653b6c
krb5-server-1.3.4-46.ppc.rpm          138aa7dfebab316975de4075df14bb55
krb5-workstation-1.3.4-46.ppc.rpm     36035bb3acbf15e82e9bb3ec6ff4d26b

s390:
krb5-devel-1.3.4-46.s390.rpm          5daa9e9b7baa112b4dfebf478b9a4f1e
krb5-libs-1.3.4-46.s390.rpm           e12e91dc0d63098d98ed36db865a84dc
krb5-server-1.3.4-46.s390.rpm         f2d8dd5bcb8f1379e3d99ef912ce44b1
krb5-workstation-1.3.4-46.s390.rpm    1cba876ad8e2b8c9d8f4f87c9863781a

s390x:
krb5-devel-1.3.4-46.s390x.rpm         8b3ac8636e195c3da4f8686fbaf9e16a
krb5-libs-1.3.4-46.s390.rpm           e12e91dc0d63098d98ed36db865a84dc
krb5-libs-1.3.4-46.s390x.rpm          7a2164928f13bd99ecca920c0e921ec4
krb5-server-1.3.4-46.s390x.rpm        2a85452cd19682a137bded3505737950
krb5-workstation-1.3.4-46.s390x.rpm   8a296cad115e274c1a01d71b9ed9a73e

x86_64:
krb5-devel-1.3.4-46.x86_64.rpm        cfc02be36863f29841df446afdb8e7db
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-libs-1.3.4-46.x86_64.rpm         6703713f9a765367b16a925a3fd9c355
krb5-server-1.3.4-46.x86_64.rpm       29b872e3c0f0d6b2b74991411a5cca06
krb5-workstation-1.3.4-46.x86_64.rpm  7691da20ab235883310409a2c49397a7

Red Hat Enterprise Linux Desktop (v. 5 client)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.5-23.src.rpm                   19a3771be564d508b43e9d21ec28021f

IA-32:
krb5-libs-1.5-23.i386.rpm             e996a6afe95019d0bcd41e6d3950bd92
krb5-workstation-1.5-23.i386.rpm      512ce44bca20f6f205f624131d9962da

x86_64:
krb5-libs-1.5-23.i386.rpm             e996a6afe95019d0bcd41e6d3950bd92
krb5-libs-1.5-23.x86_64.rpm           f9703e1dca02855ae83a2d6628d0fe4e
krb5-workstation-1.5-23.x86_64.rpm    a3969c5cb8d90e0d82f01a6899c6ce5a

Red Hat Enterprise Linux ES (v. 2.1)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.2.2-44.src.rpm                 8d63a222b9e449609a77bf20224bea5a

IA-32:
krb5-devel-1.2.2-44.i386.rpm          e4ec8cf6b9a1edd3e4a6f48f56741730
krb5-libs-1.2.2-44.i386.rpm           6a4de547b1bc9756638c27b85273a8d4
krb5-server-1.2.2-44.i386.rpm         2a8dba9616ab803761112245de87aad2
krb5-workstation-1.2.2-44.i386.rpm    a4f6fd148f0a88c5b9df569362ae9efd

Red Hat Enterprise Linux ES (v. 3)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.2.7-61.src.rpm                 241aa2f84b51636920795b1d34897082

IA-32:
krb5-devel-1.2.7-61.i386.rpm          eaa32e453e972bf98827197c22bdb360
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-server-1.2.7-61.i386.rpm         5c0cdb59311fc4f27f0a14d095b587dd
krb5-workstation-1.2.7-61.i386.rpm    3ec0506072852c72d0014f0689ab1767

IA-64:
krb5-devel-1.2.7-61.ia64.rpm          bea06113679d91e1c267fa07d7591aee
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-libs-1.2.7-61.ia64.rpm           d17302e949fe07467399150361169956
krb5-server-1.2.7-61.ia64.rpm         089ab89df9e2457308910c50f05e23d4
krb5-workstation-1.2.7-61.ia64.rpm    89817c78ccf30b26849f3f70e1b9e1c4

x86_64:
krb5-devel-1.2.7-61.x86_64.rpm        972fc297c47083dfaefaf1a8ea9ccab5
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-libs-1.2.7-61.x86_64.rpm         9542fea7dbd067e1975bc5366d736d91
krb5-server-1.2.7-61.x86_64.rpm       137c91d6c1a6ca8aa05fefac6bc36513
krb5-workstation-1.2.7-61.x86_64.rpm  4aa5731d9c0be30795581d104855c6c3

Red Hat Enterprise Linux ES (v. 4)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.3.4-46.src.rpm                 8ac2bf4e79c44334eccf011036807ba5

IA-32:
krb5-devel-1.3.4-46.i386.rpm          b567711dbaccedf883dbaacd01285388
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-server-1.3.4-46.i386.rpm         7a1e837828d09f1acc11a713f63aea39
krb5-workstation-1.3.4-46.i386.rpm    b32d2aeec3195125c9257b0e48737614

IA-64:
krb5-devel-1.3.4-46.ia64.rpm          7756cd881f328fa7671f219e82053434
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-libs-1.3.4-46.ia64.rpm           794211f95860e0d58f6f0bc7ab7c5946
krb5-server-1.3.4-46.ia64.rpm         1e7d50c026975d7da8e18ab8c154c65d
krb5-workstation-1.3.4-46.ia64.rpm    bcc973738369b6fb56ebc2fbe0fd0cd2

x86_64:
krb5-devel-1.3.4-46.x86_64.rpm        cfc02be36863f29841df446afdb8e7db
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-libs-1.3.4-46.x86_64.rpm         6703713f9a765367b16a925a3fd9c355
krb5-server-1.3.4-46.x86_64.rpm       29b872e3c0f0d6b2b74991411a5cca06
krb5-workstation-1.3.4-46.x86_64.rpm  7691da20ab235883310409a2c49397a7

Red Hat Enterprise Linux WS (v. 2.1)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.2.2-44.src.rpm                 8d63a222b9e449609a77bf20224bea5a

IA-32:
krb5-devel-1.2.2-44.i386.rpm          e4ec8cf6b9a1edd3e4a6f48f56741730
krb5-libs-1.2.2-44.i386.rpm           6a4de547b1bc9756638c27b85273a8d4
krb5-server-1.2.2-44.i386.rpm         2a8dba9616ab803761112245de87aad2
krb5-workstation-1.2.2-44.i386.rpm    a4f6fd148f0a88c5b9df569362ae9efd

Red Hat Enterprise Linux WS (v. 3)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.2.7-61.src.rpm                 241aa2f84b51636920795b1d34897082

IA-32:
krb5-devel-1.2.7-61.i386.rpm          eaa32e453e972bf98827197c22bdb360
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-server-1.2.7-61.i386.rpm         5c0cdb59311fc4f27f0a14d095b587dd
krb5-workstation-1.2.7-61.i386.rpm    3ec0506072852c72d0014f0689ab1767

IA-64:
krb5-devel-1.2.7-61.ia64.rpm          bea06113679d91e1c267fa07d7591aee
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-libs-1.2.7-61.ia64.rpm           d17302e949fe07467399150361169956
krb5-server-1.2.7-61.ia64.rpm         089ab89df9e2457308910c50f05e23d4
krb5-workstation-1.2.7-61.ia64.rpm    89817c78ccf30b26849f3f70e1b9e1c4

x86_64:
krb5-devel-1.2.7-61.x86_64.rpm        972fc297c47083dfaefaf1a8ea9ccab5
krb5-libs-1.2.7-61.i386.rpm           a5d2478c179b637f2a9a38fb22132492
krb5-libs-1.2.7-61.x86_64.rpm         9542fea7dbd067e1975bc5366d736d91
krb5-server-1.2.7-61.x86_64.rpm       137c91d6c1a6ca8aa05fefac6bc36513
krb5-workstation-1.2.7-61.x86_64.rpm  4aa5731d9c0be30795581d104855c6c3

Red Hat Enterprise Linux WS (v. 4)
--------------------------------------------------------------------------------

SRPMS:
krb5-1.3.4-46.src.rpm                 8ac2bf4e79c44334eccf011036807ba5

IA-32:
krb5-devel-1.3.4-46.i386.rpm          b567711dbaccedf883dbaacd01285388
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-server-1.3.4-46.i386.rpm         7a1e837828d09f1acc11a713f63aea39
krb5-workstation-1.3.4-46.i386.rpm    b32d2aeec3195125c9257b0e48737614

IA-64:
krb5-devel-1.3.4-46.ia64.rpm          7756cd881f328fa7671f219e82053434
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-libs-1.3.4-46.ia64.rpm           794211f95860e0d58f6f0bc7ab7c5946
krb5-server-1.3.4-46.ia64.rpm         1e7d50c026975d7da8e18ab8c154c65d
krb5-workstation-1.3.4-46.ia64.rpm    bcc973738369b6fb56ebc2fbe0fd0cd2

x86_64:
krb5-devel-1.3.4-46.x86_64.rpm        cfc02be36863f29841df446afdb8e7db
krb5-libs-1.3.4-46.i386.rpm           f0ff16c33d0c9ba6487c0bf3eaf40779
krb5-libs-1.3.4-46.x86_64.rpm         6703713f9a765367b16a925a3fd9c355
krb5-server-1.3.4-46.x86_64.rpm       29b872e3c0f0d6b2b74991411a5cca06
krb5-workstation-1.3.4-46.x86_64.rpm  7691da20ab235883310409a2c49397a7

Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
--------------------------------------------------------------------------------

SRPMS:
krb5-1.2.2-44.src.rpm                 8d63a222b9e449609a77bf20224bea5a

IA-64:
krb5-devel-1.2.2-44.ia64.rpm          1638b9c05c1d7ec3ebfbe35ccef91b21
krb5-libs-1.2.2-44.ia64.rpm           f70770ddbaa2e729d66cfa65be97de00
krb5-server-1.2.2-44.ia64.rpm         64ee3aa6cb75d8cfefa33ed1b6bdf6bf
krb5-workstation-1.2.2-44.ia64.rpm    21795085e2bbfe0f522561ec894131a5

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

229782 - CVE-2007-0956 Unauthorized access via krb5-telnet daemon
231528 - CVE-2007-0957 krb5_klog_syslog() stack buffer overflow
231537 - CVE-2007-1216 krb5 double free flaw

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
http://www.redhat.com/security/updates/classification/#critical

--------------------------------------------------------------------------------

These packages are GPG signed by Red Hat for security. Our key and details on
how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at
http://www.redhat.com/security/team/contact/

[***** End Red Hat RHSA-2007:0095-4 *****]

_______________________________________________________________________________

CIAC wishes to acknowledge the contributions of Red Hat for the information
contained in this bulletin.
_______________________________________________________________________________

CIAC, the Computer Incident Advisory Capability, is the computer security
incident response team for the U.S. Department of Energy (DOE) and the
emergency backup response team for the National Institutes of Health (NIH).
CIAC is located at the Lawrence Livermore National Laboratory in Livermore,
California. CIAC is also a founding member of FIRST, the Forum of Incident
Response and Security Teams, a global organization established to foster
cooperation and coordination among computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH. CIAC can be
contacted at:
    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.

   World Wide Web:  http://www.ciac.org/
   Anonymous FTP:   ftp.ciac.org

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these communities,
please contact your agency's response team to report incidents. Your agency's
team will coordinate with CIAC.
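The Solution section of the Red Hat erratum above gives two manual checks (whether the krb5-telnet xinetd service is enabled, and whether the updated packages are installed) and publishes md5 checksums for the fixed RPMs. The following audit helper is an added example, not part of the CIAC bulletin or of Red Hat's tooling: the chkconfig commands and the fixed package releases (1.5-23, 1.3.4-46, 1.2.7-61, 1.2.2-44) come from the erratum, while the function names, the rpm query format and the use of md5sum are assumptions of this example. It classifies installed krb5 packages against the erratum's fixed releases, verifies a downloaded RPM against a published checksum, and reports whether krb5-telnet is still enabled.

```shell
#!/bin/sh
# Added audit helper for RHSA-2007:0095 / CIAC R-193 (example code; not from
# Red Hat or CIAC). Fixed release numbers are those listed in the erratum.

# Fixed Red Hat release for each krb5 upstream version the erratum covers:
# RHEL 5 -> 1.5-23, RHEL 4 -> 1.3.4-46, RHEL 3 -> 1.2.7-61, RHEL 2.1 -> 1.2.2-44.
fixed_release() {
    case "$1" in
        1.5)   echo 23 ;;
        1.3.4) echo 46 ;;
        1.2.7) echo 61 ;;
        1.2.2) echo 44 ;;
        *)     echo "" ;;
    esac
}

# Classify an installed package string such as "krb5-libs-1.3.4-45" as
# "fixed", "vulnerable" or "unknown" (version not covered by this erratum).
krb5_status() {
    pat='s/^krb5-\([a-z]*-\)\{0,1\}\([0-9][0-9.]*\)-\([0-9][0-9]*\).*$/'
    ver=$(printf '%s\n' "$1" | sed -n "${pat}\\2/p")
    rel=$(printf '%s\n' "$1" | sed -n "${pat}\\3/p")
    want=$(fixed_release "$ver")
    if [ -z "$want" ] || [ -z "$rel" ]; then
        echo unknown
    elif [ "$rel" -ge "$want" ]; then
        echo fixed
    else
        echo vulnerable
    fi
}

# Compare a downloaded RPM's md5 with the checksum printed in the erratum.
# Returns 0 on match, 1 on mismatch or unreadable file.
check_md5() {
    file="$1"; expected="$2"
    [ -r "$file" ] || return 1
    if command -v md5sum >/dev/null 2>&1; then
        actual=$(md5sum "$file" | cut -d' ' -f1)
    else
        actual=$(md5 -q "$file")   # BSD/macOS fallback (assumption)
    fi
    [ "$actual" = "$expected" ]
}

# The erratum's own check: "/sbin/chkconfig --list krb5-telnet" ends in "on"
# for an enabled xinetd service. Returns 0 if krb5-telnet is enabled.
krb5_telnet_enabled() {
    /sbin/chkconfig --list krb5-telnet 2>/dev/null | grep -q 'on$'
}

# Query the installed krb5 packages (rpm prints NAME-VERSION-RELEASE), report
# each one's status, then the telnet service state. Non-zero exit means action
# is still needed. Invoke with: sh audit.sh audit
audit_host() {
    rc=0
    for pkg in krb5-libs krb5-server krb5-workstation krb5-devel; do
        nevr=$(rpm -q --qf '%{NAME}-%{VERSION}-%{RELEASE}\n' "$pkg" 2>/dev/null) || continue
        st=$(krb5_status "$nevr")
        echo "$nevr: $st"
        [ "$st" = fixed ] || rc=1
    done
    if krb5_telnet_enabled; then
        echo "krb5-telnet is enabled; disable with: /sbin/chkconfig krb5-telnet off"
        rc=1
    fi
    return $rc
}

if [ "${1:-}" = "audit" ]; then
    audit_host
fi
```

The release comparison is numeric on the Red Hat release field only, which is enough for the four version streams the erratum names; a package from a version stream not in the table is reported as "unknown" rather than silently passed, so a host running some other krb5 build still gets a human look.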
The Forum of Incident Response and Security Teams (FIRST) is a world-wide
organization. A list of FIRST member organizations and their constituencies
can be obtained via WWW at http://www.first.org/.

This document was prepared as an account of work sponsored by an agency of the
United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, apparatus, product,
or process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or favoring by
the United States Government or the University of California. The views and
opinions of authors expressed herein do not necessarily state or reflect those
of the United States Government or the University of California, and shall not
be used for advertising or product endorsement purposes.

LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

R-183: OpenAFS Vulnerability
R-184: libwpd Security Update
R-185: CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilities
R-186: Lookup-el
R-187: OpenOffice.org Security Update
R-188: InterActual Player SyscheckObject ActiveX Vulnerability
R-189: tcpdump Security Vulnerability
R-190: Network Audio System Vulnerabilities
R-191: Multiple Cisco Unified CallManager and Presence Server Denial of Service
       Vulnerabilities
R-192: Vulnerabilities in Graphics Rendering Engine (GDI)