Obrir sessió
logo

DEFENSA DAVANT DE LES CIBERAMENACES

barra-separadora

Soporte de vulnerabilidades

Servicio de soporte de vulnerabilidadesAnálisis, notificación y seguimiento de aquellas vulnerabilidades más críticas, que impactan especialmente en las tecnologías empleadas en el sector público. El CCN-CERT trabajará en la recopilación y clasificación de las nuevas vulnerabilidades, realizando un análisis teórico y en laboratorio, cuando sea posible, de aquellas que por su criticidad lo requieran.

Se generarán documentos informativos o “abstracts” de dichas vulnerabilidades y se llevará a cabo un seguimiento de la evolución de la vulnerabilidad en Internet, alertando a los organismos ante cambios en la criticidad, aparición de parches, nuevas recomendaciones, constancia de explotaciones activas, etc.

Para inscribirse en este servicio o recibir más información, escribir al correo electrónico: soporte_acreditacion@ccn.cni.es

Abstracts:


Boletines de Vulnerabilidades


Compromiso de root en Kerberos V

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Obtener acceso
Dificultad Avanzado
Requerimientos del atacante Acceso remoto con cuenta

Información sobre el sistema

Propiedad Valor
Fabricant afectat GNU/Linux
Software afectado Kerberos V5 <= 1.3.5

Descripción

Se ha encontrado una vulnerabilidad en Kerberos V5, la cual podría ser explotada por un usuario malicioso para comprometer un sistema.

La vulnerabilidad se debe a un error de comprobación de límites en la función add_to_history(), de la librería de administración libkadm5srv, en el momento de realizar el manejo del historial de contraseñas.

La vulnerabilidad puede ser aprovechada para generar un desbordamiento de búfer en la zona de heap al cambiar una contraseña para posteriormente poder ejecutar código arbitrario en un servidor Key Distribution Center (KDC) vulnerable.

No obstante, para que el ataque tenga efecto el administrador debe haber realizado cambios en la política de contraseñas.

Solución



Software update

Kerberos V5
Aplique el parche de la versión 1.3.5:
http://web.mit.edu/kerberos/advisories/2004-004-patch_1.3.5.txt
http://web.mit.edu/kerberos/advisories/2004-004-patch_1.3.5.txt.asc

Mandrake Linux
Mandrake Linux 9.2
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ftp-client-krb5-1.3-3.4.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ftp-server-krb5-1.3-3.4.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/krb5-server-1.3-3.4.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/krb5-workstation-1.3-3.4.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libkrb51-1.3-3.4.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libkrb51-devel-1.3-3.4.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/telnet-client-krb5-1.3-3.4.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/telnet-server-krb5-1.3-3.4.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/krb5-1.3-3.4.92mdk.src.rpm
Mandrake Linux 9.2/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ftp-client-krb5-1.3-3.4.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ftp-server-krb5-1.3-3.4.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/krb5-server-1.3-3.4.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/krb5-workstation-1.3-3.4.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64krb51-1.3-3.4.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64krb51-devel-1.3-3.4.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/telnet-client-krb5-1.3-3.4.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/telnet-server-krb5-1.3-3.4.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/krb5-1.3-3.4.92mdk.src.rpm
Mandrake Linux 10.0
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ftp-client-krb5-1.3-6.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ftp-server-krb5-1.3-6.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/krb5-server-1.3-6.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/krb5-workstation-1.3-6.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libkrb51-1.3-6.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libkrb51-devel-1.3-6.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/telnet-client-krb5-1.3-6.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/telnet-server-krb5-1.3-6.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/krb5-1.3-6.4.100mdk.src.rpm
Mandrake Linux 10.0/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ftp-client-krb5-1.3-6.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ftp-server-krb5-1.3-6.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/krb5-server-1.3-6.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/krb5-workstation-1.3-6.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64krb51-1.3-6.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64krb51-devel-1.3-6.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/telnet-client-krb5-1.3-6.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/telnet-server-krb5-1.3-6.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/krb5-1.3-6.4.100mdk.src.rpm
Mandrake Linux 10.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/ftp-client-krb5-1.3.4-2.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/ftp-server-krb5-1.3.4-2.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/krb5-server-1.3.4-2.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/krb5-workstation-1.3.4-2.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkrb53-1.3.4-2.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkrb53-devel-1.3.4-2.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/telnet-client-krb5-1.3.4-2.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/telnet-server-krb5-1.3.4-2.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/krb5-1.3.4-2.1.101mdk.src.rpm
Mandrake Linux 10.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/ftp-client-krb5-1.3.4-2.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/ftp-server-krb5-1.3.4-2.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/krb5-server-1.3.4-2.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/krb5-workstation-1.3.4-2.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64krb53-1.3.4-2.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64krb53-devel-1.3.4-2.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/telnet-client-krb5-1.3.4-2.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/telnet-server-krb5-1.3.4-2.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/krb5-1.3.4-2.1.101mdk.src.rpm
Corporate Server 2.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-devel-1.2.5-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-libs-1.2.5-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-server-1.2.5-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/krb5-1.2.5-1.8.C21mdk.src.rpm
Corporate Server 2.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.8.C21mdk.src.rpm

Fedora Linux
Fedora Linux Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
Fedora Linux Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Debian Linux

Debian Linux 3.0
Fuentes:
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody7.dsc
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody7.diff.gz
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz
Componentes independientes de la arquitectura:
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody7_all.deb
Alpha:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_arm.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_ia64.deb
HPPA:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_hppa.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_m68k.deb
Big endian MIPS:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_mips.deb
Little endian MIPS:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_sparc.deb

Red Hat Linux

Red Hat Desktop (v. 3) / SRPMS:
krb5-1.2.7-38.src.rpm t

Red Hat Desktop (v. 3) / IA-32:
krb5-devel-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-workstation-1.2.7-38.i386.rpm t

Red Hat Desktop (v. 3) / x86_64:
krb5-devel-1.2.7-38.x86_64.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.x86_64.rpm t
krb5-workstation-1.2.7-38.x86_64.rpm t

Red Hat Enterprise Linux AS (v. 2.1) / SRPMS:
krb5-1.2.2-32.src.rpm t

Red Hat Enterprise Linux AS (v. 2.1) / IA-32:
krb5-devel-1.2.2-32.i386.rpm t
krb5-libs-1.2.2-32.i386.rpm t
krb5-server-1.2.2-32.i386.rpm t
krb5-workstation-1.2.2-32.i386.rpm t

Red Hat Enterprise Linux AS (v. 2.1) / IA-64:
krb5-devel-1.2.2-32.ia64.rpm t
krb5-libs-1.2.2-32.ia64.rpm t
krb5-server-1.2.2-32.ia64.rpm t
krb5-workstation-1.2.2-32.ia64.rpm t

Red Hat Enterprise Linux AS (v. 3) / SRPMS:
krb5-1.2.7-38.src.rpm t

Red Hat Enterprise Linux AS (v. 3) / IA-32:
krb5-devel-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-server-1.2.7-38.i386.rpm t
krb5-workstation-1.2.7-38.i386.rpm t

Red Hat Enterprise Linux AS (v. 3) / IA-64:
krb5-devel-1.2.7-38.ia64.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.ia64.rpm t
krb5-server-1.2.7-38.ia64.rpm t
krb5-workstation-1.2.7-38.ia64.rpm t

Red Hat Enterprise Linux AS (v. 3) / PPC:
krb5-devel-1.2.7-38.ppc.rpm t
krb5-libs-1.2.7-38.ppc.rpm t
krb5-libs-1.2.7-38.ppc64.rpm t
krb5-server-1.2.7-38.ppc.rpm t
krb5-workstation-1.2.7-38.ppc.rpm t

Red Hat Enterprise Linux AS (v. 3) / s390:
krb5-devel-1.2.7-38.s390.rpm t
krb5-libs-1.2.7-38.s390.rpm t
krb5-server-1.2.7-38.s390.rpm t
krb5-workstation-1.2.7-38.s390.rpm t

Red Hat Enterprise Linux AS (v. 3) / s390x:
krb5-devel-1.2.7-38.s390x.rpm t
krb5-libs-1.2.7-38.s390.rpm t
krb5-libs-1.2.7-38.s390x.rpm t
krb5-server-1.2.7-38.s390x.rpm t
krb5-workstation-1.2.7-38.s390x.rpm t

Red Hat Enterprise Linux AS (v. 3) / x86_64:
krb5-devel-1.2.7-38.x86_64.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.x86_64.rpm t
krb5-server-1.2.7-38.x86_64.rpm t
krb5-workstation-1.2.7-38.x86_64.rpm t

Red Hat Enterprise Linux ES (v. 2.1) / SRPMS:
krb5-1.2.2-32.src.rpm t

Red Hat Enterprise Linux ES (v. 2.1) / IA-32:
krb5-devel-1.2.2-32.i386.rpm t
krb5-libs-1.2.2-32.i386.rpm t
krb5-server-1.2.2-32.i386.rpm t
krb5-workstation-1.2.2-32.i386.rpm t

Red Hat Enterprise Linux ES (v. 3) / SRPMS:
krb5-1.2.7-38.src.rpm t

Red Hat Enterprise Linux ES (v. 3) / IA-32:
krb5-devel-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-server-1.2.7-38.i386.rpm t
krb5-workstation-1.2.7-38.i386.rpm t

Red Hat Enterprise Linux ES (v. 3) / IA-64:
krb5-devel-1.2.7-38.ia64.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.ia64.rpm t
krb5-server-1.2.7-38.ia64.rpm t
krb5-workstation-1.2.7-38.ia64.rpm t

Red Hat Enterprise Linux ES (v. 3) / x86_64:
krb5-devel-1.2.7-38.x86_64.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.x86_64.rpm t
krb5-server-1.2.7-38.x86_64.rpm t
krb5-workstation-1.2.7-38.x86_64.rpm t

Red Hat Enterprise Linux WS (v. 2.1) / SRPMS:
krb5-1.2.2-32.src.rpm t

Red Hat Enterprise Linux WS (v. 2.1) / IA-32:
krb5-devel-1.2.2-32.i386.rpm t
krb5-libs-1.2.2-32.i386.rpm t
krb5-server-1.2.2-32.i386.rpm t
krb5-workstation-1.2.2-32.i386.rpm t

Red Hat Enterprise Linux WS (v. 3) / SRPMS:
krb5-1.2.7-38.src.rpm t

Red Hat Enterprise Linux WS (v. 3) / IA-32:
krb5-devel-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-workstation-1.2.7-38.i386.rpm t

Red Hat Enterprise Linux WS (v. 3) / IA-64:
krb5-devel-1.2.7-38.ia64.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.ia64.rpm t
krb5-workstation-1.2.7-38.ia64.rpm t

Red Hat Enterprise Linux WS (v. 3) / x86_64:
krb5-devel-1.2.7-38.x86_64.rpm t
krb5-libs-1.2.7-38.i386.rpm t
krb5-libs-1.2.7-38.x86_64.rpm t
krb5-workstation-1.2.7-38.x86_64.rpm t

Red Hat Linux Advanced Workstation 2.1 Itanium Processor / SRPMS:
krb5-1.2.2-32.src.rpm t

Red Hat Enterprise Linux WS (v. 3) / IA-64:
krb5-devel-1.2.2-32.ia64.rpm t
krb5-libs-1.2.2-32.ia64.rpm t
krb5-server-1.2.2-32.ia64.rpm t
krb5-workstation-1.2.2-32.ia64.rpm

Red Hat Linux
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
https://rhn.redhat.com/

Sun

SEAM 1.0.1 / Solaris 8
SPARC
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-110060-16-1
x86
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-110061-15-1

Solaris 9
SPARC
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-112921-06-1
x86
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-116046-06-1

Identificadores estándar

Propiedad Valor
CVE CAN-2004-1189
BID NULL

Recursos adicionales

MIT krb5 Security Advisory 2004-004
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-004-pwhist.txt

Mandrakesoft Security Advisories MDKSA-2004:156
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:156

Fedora Linux security advisory FEDORA-2004-563
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00089.html

Fedora Linux security advisory FEDORA-2004-564
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00090.html

Debian Security Advisory DSA-629-1
http://www.debian.org/security/2005/dsa-629

Red Hat Linux Security Advisory RHSA-2005:012-10
https://rhn.redhat.com/errata/RHSA-2005-012.html

Red Hat Security Advisory RHSA-2005:045-13
https://rhn.redhat.com/errata/RHSA-2005-045.html

Sun(sm) Alert Notification 57712
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57712-1

Histórico de versiones

Versión Comentario Data
1.0 Aviso emitido 2004-12-22
1.1 Avisos emitidos por Mandrake Linux (MDKSA-2004:156) y Fedora Linux (FEDORA-2004-563, FEDORA-2004-564) 2004-12-23
1.2 Aviso emitido por Debian Linux (DSA-629-1) 2005-01-10
1.3 Aviso emitido por Red Hat Linux (RHSA-2005:012-10) 2005-01-21
1.4 Aviso emitido por Red Hat (RHSA-2005:045-13) 2005-02-16
1.5 Aviso emitido por Sun (57712) 2005-03-04
Tornar

Este sitio web utiliza cookies propias y de terceros para el correcto funcionamiento y visualización del sitio web por parte del usuario, así como la recogida de estadísticas. Si continúa navegando, consideramos que acepta su uso. Puede cambiar la configuración u obtener más información. Modificar configuración