Boletines de Vulnerabilidades |
Múltiples vulnerabilidades en krb5 |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Oficial |
Impacto | Compromiso Root |
Dificultad | Experto |
Requerimientos del atacante | Acceso remoto sin cuenta a un servicio exotico |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricante afectado | GNU/Linux |
Software afectado | krb5 |
Descripción |
|
Se han descubierto múltiples vulnerabilidades en krb5. Las vulnerabilidades son descritas a continuación. - CVE-2007-0956: Se ha descubierto una vulnerabilidad en krb5. La vulnerabilidad reside en un error en el manejo de la autentificación krb5 en el demonio telnet. Un atacante remoto que haya conseguido acceso podría conseguir la cuenta de root sin necesidad de contraseña. - CVE-2007-0957: Se ha descubierto una vulnerabilidad del tipo desbordamiento de búfer en Kerberos KDC y en el servidor kadmin. Un atacante remoto podría ejecutar código arbitrario con los privilegios de los procesos KDC o del servidor kadmin. - CVE-2007-1216: Se ha descubierto una vulnerabilidad en la librería GSSAPI que usa el servidor kadmin.Un atacante remoto podría causar una denegación de servicio. |
|
Solución |
|
Actualización de software Debian Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge4.dsc http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge4.diff.gz http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge4_all.deb Alpha http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_alpha.deb AMD64 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_amd64.deb ARM http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_arm.deb HP Precision http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_hppa.deb Intel IA-32 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_ia64.deb Motorola 680x0 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge4_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge4_sparc.deb Debian Linux 4.0 Source http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch1.dsc http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch1.diff.gz http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch1_all.deb Alpha http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_alpha.deb AMD64 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_amd64.deb ARM http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_arm.deb HP Precision http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_hppa.deb Intel IA-32 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_ia64.deb Motorola 680x0 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch1_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch1_sparc.deb Red Hat (RHSA-2007:0095-4) RHEL Desktop Workstation (v. 5 client) Red Hat Desktop (v. 3) Red Hat Desktop (v. 4) Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux Desktop (v. 5 client) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Enterprise Linux WS (v. 3) Red Hat Enterprise Linux WS (v. 4) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor https://rhn.redhat.com/ Sun (102867) SEAM 1.0.1 / Solaris 8 / SPARC / patch 110060-21 SEAM 1.0.2 / Solaris 9 / SPARC / patch 116462-06 SEAM 1.0.1 / Solaris 8 / x86 / patch 110061-21 SEAM 1.0.2 / Solaris 9 / x86 / patch 119796-04 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux Mandriva (MDKSA-2007:077) Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/ftp-client-krb5-1.3-6.8.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/ftp-server-krb5-1.3-6.8.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/krb5-server-1.3-6.8.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/krb5-workstation-1.3-6.8.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libkrb51-1.3-6.8.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libkrb51-devel-1.3-6.8.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/telnet-client-krb5-1.3-6.8.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/telnet-server-krb5-1.3-6.8.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/krb5-1.3-6.8.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/ftp-client-krb5-1.3-6.8.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/ftp-server-krb5-1.3-6.8.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/krb5-server-1.3-6.8.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/krb5-workstation-1.3-6.8.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64krb51-1.3-6.8.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64krb51-devel-1.3-6.8.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/telnet-client-krb5-1.3-6.8.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/telnet-server-krb5-1.3-6.8.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/krb5-1.3-6.8.C30mdk.src.rpm Multi Network Firewall 2.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/i586/libkrb51-1.3-6.8.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/krb5-1.3-6.8.M20mdk.src.rpm Mandriva Linux 2006 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/ftp-client-krb5-1.4.2-2.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/ftp-server-krb5-1.4.2-2.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/krb5-server-1.4.2-2.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/krb5-workstation-1.4.2-2.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/libkrb53-1.4.2-2.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/libkrb53-devel-1.4.2-2.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/telnet-client-krb5-1.4.2-2.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/telnet-server-krb5-1.4.2-2.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/krb5-1.4.2-2.2.20060mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/ftp-client-krb5-1.4.2-2.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/ftp-server-krb5-1.4.2-2.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/krb5-server-1.4.2-2.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/krb5-workstation-1.4.2-2.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/lib64krb53-1.4.2-2.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/lib64krb53-devel-1.4.2-2.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/telnet-client-krb5-1.4.2-2.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/telnet-server-krb5-1.4.2-2.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/krb5-1.4.2-2.2.20060mdk.src.rpm Mandriva Linux 2007 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/ftp-client-krb5-1.4.3-6.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/ftp-server-krb5-1.4.3-6.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/krb5-server-1.4.3-6.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/krb5-workstation-1.4.3-6.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/libkrb53-1.4.3-6.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/libkrb53-devel-1.4.3-6.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/telnet-client-krb5-1.4.3-6.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/telnet-server-krb5-1.4.3-6.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/krb5-1.4.3-6.1mdv2007.0.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/ftp-client-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/ftp-server-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/krb5-server-1.4.3-6.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/krb5-workstation-1.4.3-6.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/lib64krb53-1.4.3-6.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/lib64krb53-devel-1.4.3-6.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/telnet-client-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/telnet-server-krb5-1.4.3-6.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/krb5-1.4.3-6.1mdv2007.0.src.rpm Corporate Server 4.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/ftp-client-krb5-1.4.3-5.2.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/ftp-server-krb5-1.4.3-5.2.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/krb5-server-1.4.3-5.2.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/krb5-workstation-1.4.3-5.2.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/libkrb53-1.4.3-5.2.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/libkrb53-devel-1.4.3-5.2.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/telnet-client-krb5-1.4.3-5.2.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/telnet-server-krb5-1.4.3-5.2.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/SRPMS/krb5-1.4.3-5.2.20060mlcs4.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/krb5-server-1.4.3-5.2.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/krb5-workstation-1.4.3-5.2.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/lib64krb53-1.4.3-5.2.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.2.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.2.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/SRPMS/krb5-1.4.3-5.2.20060mlcs4.src.rpm SGI Advanced Linux Environment 3 / RPM / Patch 10389 ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS Advanced Linux Environment 3 / SRPM / Patch 10389 ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS Sun(102930) Solaris 10 / SPARC / patch 120473-10 Solaris 10 / x86 / patch 120037-20 De momento, no existe parche oficial para esta vulnerabilidad. http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE |
CVE-2007-0956 CVE-2007-0957 CVE-2007-1216 |
BID |
23281 23285 23282 |
Recursos adicionales |
|
Debian Security Advisory (DSA 1276-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00032.html Red Hat Security Advisory (RHSA-2007:0095-4) https://rhn.redhat.com/errata/RHSA-2007-0095.html Sun Alert Notification (102867) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102867-1 SUSE Security Advisory (SUSE-SA:2007:025) http://www.novell.com/linux/security/advisories/2007_25_krb5.html Mandriva Security Advisory (MDKSA-2007:077) http://www.mandriva.com/security/advisories?name=MDKSA-2007:077 SGI Security Advisory (20070401-01-P) ftp://patches.sgi.com/support/free/security/advisories/20070401-01-P.asc Mandriva Security Advisory (MDKSA-2007:077-1) http://www.mandriva.com/security/advisories?name=MDKSA-2007:077-1 Sun Alert Notification (102930) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102930-1 |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Aviso emitido | 2007-04-04 |
1.1 | Aviso emitido por Suse (SUSE-SA:2007:025), Aviso emitido por Mandriva (MDKSA-2007:077), Aviso emitido por SGI (20070401-01-P), Aviso actualizado por Sun (102867) | 2007-04-10 |
1.2 | Aviso actualizado por Mandriva (MDKSA-2007:077-1) | 2007-04-13 |
1.3 | Aviso emitido por Sun (102930) | 2007-05-30 |
1.4 | Aviso actualizado por Sun (102930) | 2007-06-19 |