Obrir sessió
logo

DEFENSA DAVANT DE LES CIBERAMENACES

barra-separadora

Soporte de vulnerabilidades

Servicio de soporte de vulnerabilidadesAnálisis, notificación y seguimiento de aquellas vulnerabilidades más críticas, que impactan especialmente en las tecnologías empleadas en el sector público. El CCN-CERT trabajará en la recopilación y clasificación de las nuevas vulnerabilidades, realizando un análisis teórico y en laboratorio, cuando sea posible, de aquellas que por su criticidad lo requieran.

Se generarán documentos informativos o “abstracts” de dichas vulnerabilidades y se llevará a cabo un seguimiento de la evolución de la vulnerabilidad en Internet, alertando a los organismos ante cambios en la criticidad, aparición de parches, nuevas recomendaciones, constancia de explotaciones activas, etc.

Para inscribirse en este servicio o recibir más información, escribir al correo electrónico: soporte_acreditacion@ccn.cni.es

Abstracts:


Boletines de Vulnerabilidades


Múltiples vulnerabilidades en Kerberos

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Obtener acceso
Dificultad Avanzado
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricant afectat GNU/Linux
Software afectado Kerberos version 5
Cisco VPN 3000 Series Concentrators & software v. 4.0.x < 4.0.5.B
Cisco VPN 3000 Series Concentrators & software v. 4.1.x < 4.1.5.B

Descripción

Se han descubierto varias vulnerabilidades en la versión 5 de Kerberos:

CAN-2004-0642 [VU#795632]
Una gestión incorrecta de las llamadas a la función free() puede causar que un usuario no autenticado ejecute código arbitrario en el servidor KDC o los clientes.

CAN-2004-0643 [VU#866472]
Una gestión incorrecta de las llamadas a la función free() puede causar que un usuario autenticado ejecute código arbitrario en los servidores de aplicación KDC.

CAN-2004-0644 [VU#550464]
Se ha encontrado una vulnerabilidad de Denegación de Servicio en KDC y sus librerías.

CAN-2004-0772 [VU#350792]
Una gestión incorrecta de las llamadas a la función free() puede causar que un atacante ejecute código arbitrario en el servidor.

Solución



Actualización de software

Debian
Fuentes
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody6.dsc
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody6.diff.gz
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz
Componentes independientes de la arquitectura
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody6_all.deb
Arquitectura Alpha
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_alpha.deb
Arquitectura ARM
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_arm.deb
Arquitectura Intel IA-32
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_i386.deb
Arquitectura Intel IA-64
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_ia64.deb
Arquitectura HP Precision
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_hppa.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_hppa.deb
Arquitectura Motorola 680x0
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_m68k.deb
Arquitectura Big endian MIPS
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_mips.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_mips.deb
Arquitectura Little endian MIPS
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_mipsel.deb
Arquitectura PowerPC
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_powerpc.deb
Arquitectura IBM S/390
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_s390.deb
Arquitectura Sun Sparc
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_sparc.deb

Red Hat Linux

Red Hat Enterprise Linux AS (v. 2.1) - SRPMS
krb5-1.2.2-31.src.rpm t

Red Hat Enterprise Linux AS (v. 2.1) - i386
krb5-devel-1.2.2-31.i386.rpm t
krb5-libs-1.2.2-31.i386.rpm t
krb5-server-1.2.2-31.i386.rpm t
krb5-workstation-1.2.2-31.i386.rpm t

Red Hat Enterprise Linux AS (v. 2.1) - ia64
krb5-devel-1.2.2-31.ia64.rpm t
krb5-libs-1.2.2-31.ia64.rpm t
krb5-server-1.2.2-31.ia64.rpm t
krb5-workstation-1.2.2-31.ia64.rpm t

Red Hat Enterprise Linux ES (v. 2.1) - SRPMS
krb5-1.2.2-31.src.rpm t

Red Hat Enterprise Linux ES (v. 2.1) - i386
krb5-devel-1.2.2-31.i386.rpm t
krb5-libs-1.2.2-31.i386.rpm t
krb5-server-1.2.2-31.i386.rpm t
krb5-workstation-1.2.2-31.i386.rpm t

Red Hat Enterprise Linux WS (v. 2.1) - SRPMS
krb5-1.2.2-31.src.rpm t

Red Hat Enterprise Linux WS (v. 2.1) - i386
krb5-devel-1.2.2-31.i386.rpm t
krb5-libs-1.2.2-31.i386.rpm t
krb5-server-1.2.2-31.i386.rpm t
krb5-workstation-1.2.2-31.i386.rpm t

Red Hat Linux Advanced Workstation 2.1 Itanium Processor - SRPMS
krb5-1.2.2-31.src.rpm t

Red Hat Linux Advanced Workstation 2.1 Itanium Processor - ia64
krb5-devel-1.2.2-31.ia64.rpm t
krb5-libs-1.2.2-31.ia64.rpm t
krb5-server-1.2.2-31.ia64.rpm t
krb5-workstation-1.2.2-31.ia64.rpm t

Red Hat Desktop (v. 3) - AMD64
krb5-devel-1.2.7-28.x86_64.rpm t
krb5-libs-1.2.7-28.x86_64.rpm t
krb5-server-1.2.7-28.x86_64.rpm t
krb5-workstation-1.2.7-28.x86_64.rpm t

Red Hat Desktop (v. 3) - SRPMS
krb5-1.2.7-28.src.rpm t

Red Hat Desktop (v. 3) - i386
krb5-devel-1.2.7-28.i386.rpm t
krb5-libs-1.2.7-28.i386.rpm t
krb5-server-1.2.7-28.i386.rpm t
krb5-workstation-1.2.7-28.i386.rpm t

Red Hat Enterprise Linux AS (v. 3) - AMD64
krb5-devel-1.2.7-28.x86_64.rpm t
krb5-libs-1.2.7-28.x86_64.rpm t
krb5-server-1.2.7-28.x86_64.rpm t
krb5-workstation-1.2.7-28.x86_64.rpm t

Red Hat Enterprise Linux AS (v. 3) - SRPMS
krb5-1.2.7-28.src.rpm t

Red Hat Enterprise Linux AS (v. 3) - i386
krb5-devel-1.2.7-28.i386.rpm t
krb5-libs-1.2.7-28.i386.rpm t
krb5-server-1.2.7-28.i386.rpm t
krb5-workstation-1.2.7-28.i386.rpm t

Red Hat Enterprise Linux AS (v. 3) - ia64
krb5-devel-1.2.7-28.ia64.rpm t
krb5-libs-1.2.7-28.ia64.rpm t
krb5-server-1.2.7-28.ia64.rpm t
krb5-workstation-1.2.7-28.ia64.rpm t

Red Hat Enterprise Linux AS (v. 3) - ppc
krb5-devel-1.2.7-28.ppc.rpm t
krb5-libs-1.2.7-28.ppc.rpm t
krb5-server-1.2.7-28.ppc.rpm t
krb5-workstation-1.2.7-28.ppc.rpm t

Red Hat Enterprise Linux AS (v. 3) - ppc64
krb5-devel-1.2.7-28.ppc64.rpm t
krb5-libs-1.2.7-28.ppc64.rpm t
krb5-server-1.2.7-28.ppc64.rpm t
krb5-workstation-1.2.7-28.ppc64.rpm t

Red Hat Enterprise Linux AS (v. 3) - s390
krb5-devel-1.2.7-28.s390.rpm t
krb5-libs-1.2.7-28.s390.rpm t
krb5-server-1.2.7-28.s390.rpm t
krb5-workstation-1.2.7-28.s390.rpm t

Red Hat Enterprise Linux AS (v. 3) - s390x
krb5-devel-1.2.7-28.s390x.rpm t
krb5-libs-1.2.7-28.s390x.rpm t
krb5-server-1.2.7-28.s390x.rpm t
krb5-workstation-1.2.7-28.s390x.rpm t

Red Hat Enterprise Linux ES (v. 3) - AMD64
krb5-devel-1.2.7-28.x86_64.rpm t
krb5-libs-1.2.7-28.x86_64.rpm t
krb5-server-1.2.7-28.x86_64.rpm t
krb5-workstation-1.2.7-28.x86_64.rpm t

Red Hat Enterprise Linux ES (v. 3) - SRPMS
krb5-1.2.7-28.src.rpm t

Red Hat Enterprise Linux ES (v. 3) - i386
krb5-devel-1.2.7-28.i386.rpm t
krb5-libs-1.2.7-28.i386.rpm t
krb5-server-1.2.7-28.i386.rpm t
krb5-workstation-1.2.7-28.i386.rpm t

Red Hat Enterprise Linux ES (v. 3) - ia64
krb5-devel-1.2.7-28.ia64.rpm t
krb5-libs-1.2.7-28.ia64.rpm t
krb5-server-1.2.7-28.ia64.rpm t
krb5-workstation-1.2.7-28.ia64.rpm t

Red Hat Enterprise Linux WS (v. 3) - AMD64
krb5-devel-1.2.7-28.x86_64.rpm t
krb5-libs-1.2.7-28.x86_64.rpm t
krb5-server-1.2.7-28.x86_64.rpm t
krb5-workstation-1.2.7-28.x86_64.rpm t

Red Hat Enterprise Linux WS (v. 3) - SRPMS
krb5-1.2.7-28.src.rpm t

Red Hat Enterprise Linux WS (v. 3) - i386
krb5-devel-1.2.7-28.i386.rpm t
krb5-libs-1.2.7-28.i386.rpm t
krb5-server-1.2.7-28.i386.rpm t
krb5-workstation-1.2.7-28.i386.rpm t

Red Hat Enterprise Linux WS (v. 3) - ia64
krb5-devel-1.2.7-28.ia64.rpm t
krb5-libs-1.2.7-28.ia64.rpm t
krb5-server-1.2.7-28.ia64.rpm t
krb5-workstation-1.2.7-28.ia64.rpm

MIT-Kerberos
MIT-Kerberos 5-1.3.4
http://web.mit.edu/kerberos/advisories/2004-003-patch_1.3.4.txt
http://web.mit.edu/kerberos/advisories/2004-002-patch_1.3.4.txt
MIT-Kerberos 5-1.3.1
http://web.mit.edu/kerberos/advisories/2004-002-patch_1.3.1.txt
MIT-Kerberos 5-1.2.8
http://web.mit.edu/kerberos/advisories/2004-002-patch_1.2.8.txt
http://web.mit.edu/kerberos/advisories/2004-003-patch_1.2.8.txt
MIT-Kerberos 5-1.2.7
http://web.mit.edu/kerberos/advisories/2004-002-patch_1.2.7.txt
MIT-Kerberos 5-1.2.5
http://web.mit.edu/kerberos/advisories/2004-002-patch_1.2.5.txt

Mandrake Linux
Mandrakelinux 9.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/ftp-client-krb5-1.2.7-1.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/ftp-server-krb5-1.2.7-1.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/krb5-devel-1.2.7-1.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/krb5-libs-1.2.7-1.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/krb5-server-1.2.7-1.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/krb5-workstation-1.2.7-1.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/telnet-client-krb5-1.2.7-1.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/telnet-server-krb5-1.2.7-1.4.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/SRPMS/krb5-1.2.7-1.4.91mdk.src.rpm
Mandrakelinux 9.1/PPC
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/ftp-client-krb5-1.2.7-1.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/ftp-server-krb5-1.2.7-1.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/krb5-devel-1.2.7-1.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/krb5-libs-1.2.7-1.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/krb5-server-1.2.7-1.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/krb5-workstation-1.2.7-1.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/telnet-client-krb5-1.2.7-1.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/telnet-server-krb5-1.2.7-1.4.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/SRPMS/krb5-1.2.7-1.4.91mdk.src.rpm
Mandrakelinux 9.2
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ftp-client-krb5-1.3-3.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ftp-server-krb5-1.3-3.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/krb5-server-1.3-3.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/krb5-workstation-1.3-3.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libkrb51-1.3-3.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libkrb51-devel-1.3-3.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/telnet-client-krb5-1.3-3.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/telnet-server-krb5-1.3-3.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/krb5-1.3-3.3.92mdk.src.rpm
Mandrakelinux 9.2/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ftp-client-krb5-1.3-3.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ftp-server-krb5-1.3-3.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/krb5-server-1.3-3.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/krb5-workstation-1.3-3.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64krb51-1.3-3.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64krb51-devel-1.3-3.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/telnet-client-krb5-1.3-3.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/telnet-server-krb5-1.3-3.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/krb5-1.3-3.3.92mdk.src.rpm
Mandrakelinux 10.0
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ftp-client-krb5-1.3-6.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ftp-server-krb5-1.3-6.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/krb5-server-1.3-6.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/krb5-workstation-1.3-6.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libkrb51-1.3-6.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libkrb51-devel-1.3-6.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/telnet-client-krb5-1.3-6.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/telnet-server-krb5-1.3-6.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/krb5-1.3-6.3.100mdk.src.rpm
Mandrakelinux 10.0/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ftp-client-krb5-1.3-6.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ftp-server-krb5-1.3-6.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/krb5-server-1.3-6.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/krb5-workstation-1.3-6.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64krb51-1.3-6.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64krb51-devel-1.3-6.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/telnet-client-krb5-1.3-6.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/telnet-server-krb5-1.3-6.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/krb5-1.3-6.3.100mdk.src.rpm
Multi Network Firewall 8.2
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/krb5-libs-1.2.2-17.8.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/SRPMS/krb5-1.2.2-17.8.M82mdk.src.rpm
Corporate Server 2.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.7.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.7.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-devel-1.2.5-1.7.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-libs-1.2.5-1.7.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-server-1.2.5-1.7.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.7.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.7.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.7.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/krb5-1.2.5-1.7.C21mdk.src.rpm
Corporate Server 2.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.7.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.7.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.7.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.7.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.7.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.7.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.7.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.7.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.7.C21mdk.src.rpm

Cisco
Cisco VPN 3000 Series Concentrators software >= 4.0.5.B
Cisco VPN 3000 Series Concentrators software >= 4.1.5.B
http://www.cisco.com/

Sun

Solaris 9
SPARC
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-112908-16-1
x86
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-115168-05-1

IBM
AIX 5.3
AIX 5.2
AIX 5.1
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=7&heading=AIX52&topic=SECURITY&month=200409&bulletin=datafile162720&date=20040930

Identificadores estándar

Propiedad Valor
CVE CAN-2004-0642
CAN-2004-0643
CAN-2004-0644
CAN-2004-0772
BID NULL

Recursos adicionales

Debian Security Advisory DSA 543-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00147.html

Red Hat Security Advisory RHSA-2004:350-12
https://rhn.redhat.com/errata/RHSA-2004-350.html

Red Hat Security Advisory RHSA-2004:448-13
https://rhn.redhat.com/errata/RHSA-2004-448.html

MIT krb5 Security Advisory 2004-003 SA-2004-002
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt

MIT krb5 Security Advisory 2004-003 SA-2004-003
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt

Mandrake Security Advisory MDKSA-2004:088
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:088

Cisco Security Advisory ID 61720
http://www.cisco.com/warp/public/707/cisco-sa-20040831-krb5.shtml

Sun(sm) Alert Notification 57631
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57631-1

IBM Security Advisory
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=7&heading=AIX52&topic=SECURITY&month=200409&bulletin=datafile162720&date=20040930

Histórico de versiones

Versión Comentario Data
1.0 Avido emitido 2004-09-02
1.1 Aviso emitido por MIT (SA-2004-003-asn1) 2004-09-02
1.2 Aviso emitido por Cisco (ID 61720) 2004-09-03
1.3 Aviso emitido por Sun (57631) 2004-09-06
1.4 Aviso emitido por IBM. 2004-10-01
1.5 Aviso actualizado por Sun (57631) 2004-11-02
1.6 Aviso emitido por Apple (2004-12-02) 2004-12-03
1.7 Suprimida la referencia de Apple (trasladada a CCN-CERT-412-01182) 2004-12-09
Tornar

Este sitio web utiliza cookies propias y de terceros para el correcto funcionamiento y visualización del sitio web por parte del usuario, así como la recogida de estadísticas. Si continúa navegando, consideramos que acepta su uso. Puede cambiar la configuración u obtener más información. Modificar configuración