List Info

Thread: MIT Kerberos 5: Arbitrary remote code execution
MIT Kerberos 5: Arbitrary remote code execution
country flaguser name
France		 2007-07-25 17:11:22 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -
Gentoo Linux Security Advisory                          
GLSA 200707-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -
                                            http://security.gentoo.or
g/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -

  Severity: High
     Title: MIT Kerberos 5: Arbitrary remote code execution
      Date: July 25, 2007
      Bugs: #183338
        ID: 200707-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -

Synopsis
========

Multiple vulnerabilities in MIT Kerberos 5 could potentially
result in
remote code execution with root privileges by
unauthenticated users.

Background
==========

MIT Kerberos 5 is a suite of applications that implement the
Kerberos
network protocol.

Affected packages
=================

   
------------------------------------------------------------
-------
     Package             /  Vulnerable  /                  
Unaffected
   
------------------------------------------------------------
-------
  1  app-crypt/mit-krb5     < 1.5.2-r3                   
 >= 1.5.2-r3

Description
===========

kadmind is affected by multiple vulnerabilities in the RPC
library
shipped with MIT Kerberos 5. It fails to properly handle
zero-length
RPC credentials (CVE-2007-2442) and the RPC library can
write past the
end of the stack buffer (CVE-2007-2443). Furthermore kadmind
fails to
do proper bounds checking (CVE-2007-2798).

Impact
======

A remote unauthenticated attacker could exploit these
vulnerabilities
to execute arbitrary code with root privileges.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MIT Kerberos 5 users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose
">=app-crypt/mit-krb5-1.5.2-r3"

References
==========

  [ 1 ] CVE-2007-2442
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200
7-2442
  [ 2 ] CVE-2007-2443
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200
7-2443
  [ 3 ] CVE-2007-2798
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200
7-2798

Availability
============

This GLSA and any updates to it are available for viewing
at
the Gentoo Security Website:

  ht
tp://security.gentoo.org/glsa/glsa-200707-11.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring
the
confidentiality and security of our users machines is of
utmost
importance to us. Any security concerns should be addressed
to
securitygentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://
creativecommons.org/licenses/by-sa/2.5
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )