Vulnerability Bulletins

int(1225)

Vulnerability Bulletins

Compromiso de root en Kerberos V
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Obtener acceso
Dificulty	Avanzado
Required attacker level	Acceso remoto con cuenta
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	Kerberos V5 <= 1.3.5
Description
Se ha encontrado una vulnerabilidad en Kerberos V5, la cual podría ser explotada por un usuario malicioso para comprometer un sistema. La vulnerabilidad se debe a un error de comprobación de límites en la función add_to_history(), de la librería de administración libkadm5srv, en el momento de realizar el manejo del historial de contraseñas. La vulnerabilidad puede ser aprovechada para generar un desbordamiento de búfer en la zona de heap al cambiar una contraseña para posteriormente poder ejecutar código arbitrario en un servidor Key Distribution Center (KDC) vulnerable. No obstante, para que el ataque tenga efecto el administrador debe haber realizado cambios en la política de contraseñas.
Solution
Software update Kerberos V5 Aplique el parche de la versión 1.3.5: http://web.mit.edu/kerberos/advisories/2004-004-patch_1.3.5.txt http://web.mit.edu/kerberos/advisories/2004-004-patch_1.3.5.txt.asc Mandrake Linux Mandrake Linux 9.2 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ftp-client-krb5-1.3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ftp-server-krb5-1.3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/krb5-server-1.3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/krb5-workstation-1.3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libkrb51-1.3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libkrb51-devel-1.3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/telnet-client-krb5-1.3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/telnet-server-krb5-1.3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/krb5-1.3-3.4.92mdk.src.rpm Mandrake Linux 9.2/AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ftp-client-krb5-1.3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ftp-server-krb5-1.3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/krb5-server-1.3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/krb5-workstation-1.3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64krb51-1.3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64krb51-devel-1.3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/telnet-client-krb5-1.3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/telnet-server-krb5-1.3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/krb5-1.3-3.4.92mdk.src.rpm Mandrake Linux 10.0 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ftp-client-krb5-1.3-6.4.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ftp-server-krb5-1.3-6.4.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/krb5-server-1.3-6.4.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/krb5-workstation-1.3-6.4.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libkrb51-1.3-6.4.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libkrb51-devel-1.3-6.4.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/telnet-client-krb5-1.3-6.4.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/telnet-server-krb5-1.3-6.4.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/krb5-1.3-6.4.100mdk.src.rpm Mandrake Linux 10.0/AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ftp-client-krb5-1.3-6.4.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ftp-server-krb5-1.3-6.4.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/krb5-server-1.3-6.4.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/krb5-workstation-1.3-6.4.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64krb51-1.3-6.4.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64krb51-devel-1.3-6.4.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/telnet-client-krb5-1.3-6.4.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/telnet-server-krb5-1.3-6.4.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/krb5-1.3-6.4.100mdk.src.rpm Mandrake Linux 10.1 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/ftp-client-krb5-1.3.4-2.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/ftp-server-krb5-1.3.4-2.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/krb5-server-1.3.4-2.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/krb5-workstation-1.3.4-2.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkrb53-1.3.4-2.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkrb53-devel-1.3.4-2.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/telnet-client-krb5-1.3.4-2.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/telnet-server-krb5-1.3.4-2.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/krb5-1.3.4-2.1.101mdk.src.rpm Mandrake Linux 10.1/X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/ftp-client-krb5-1.3.4-2.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/ftp-server-krb5-1.3.4-2.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/krb5-server-1.3.4-2.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/krb5-workstation-1.3.4-2.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64krb53-1.3.4-2.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64krb53-devel-1.3.4-2.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/telnet-client-krb5-1.3.4-2.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/telnet-server-krb5-1.3.4-2.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/krb5-1.3.4-2.1.101mdk.src.rpm Corporate Server 2.1 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.8.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.8.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-devel-1.2.5-1.8.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-libs-1.2.5-1.8.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-server-1.2.5-1.8.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.8.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.8.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.8.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/krb5-1.2.5-1.8.C21mdk.src.rpm Corporate Server 2.1/X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.8.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.8.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.8.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.8.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.8.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.8.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.8.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.8.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.8.C21mdk.src.rpm Fedora Linux Fedora Linux Core 2 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ Fedora Linux Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Debian Linux Debian Linux 3.0 Fuentes: http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody7.dsc http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody7.diff.gz http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz Componentes independientes de la arquitectura: http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody7_all.deb Alpha: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_alpha.deb ARM: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_arm.deb Intel IA-32: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_i386.deb Intel IA-64: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_ia64.deb HPPA: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_hppa.deb Motorola 680x0: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_m68k.deb Big endian MIPS: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_mips.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_mips.deb Little endian MIPS: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_mipsel.deb PowerPC: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_powerpc.deb IBM S/390: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_s390.deb Sun Sparc: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody7_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody7_sparc.deb Red Hat Linux Red Hat Desktop (v. 3) / SRPMS: krb5-1.2.7-38.src.rpm Red Hat Desktop (v. 3) / IA-32: krb5-devel-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.i386.rpm krb5-workstation-1.2.7-38.i386.rpm Red Hat Desktop (v. 3) / x86_64: krb5-devel-1.2.7-38.x86_64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.x86_64.rpm krb5-workstation-1.2.7-38.x86_64.rpm Red Hat Enterprise Linux AS (v. 2.1) / SRPMS: krb5-1.2.2-32.src.rpm Red Hat Enterprise Linux AS (v. 2.1) / IA-32: krb5-devel-1.2.2-32.i386.rpm krb5-libs-1.2.2-32.i386.rpm krb5-server-1.2.2-32.i386.rpm krb5-workstation-1.2.2-32.i386.rpm Red Hat Enterprise Linux AS (v. 2.1) / IA-64: krb5-devel-1.2.2-32.ia64.rpm krb5-libs-1.2.2-32.ia64.rpm krb5-server-1.2.2-32.ia64.rpm krb5-workstation-1.2.2-32.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / SRPMS: krb5-1.2.7-38.src.rpm Red Hat Enterprise Linux AS (v. 3) / IA-32: krb5-devel-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.i386.rpm krb5-server-1.2.7-38.i386.rpm krb5-workstation-1.2.7-38.i386.rpm Red Hat Enterprise Linux AS (v. 3) / IA-64: krb5-devel-1.2.7-38.ia64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.ia64.rpm krb5-server-1.2.7-38.ia64.rpm krb5-workstation-1.2.7-38.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / PPC: krb5-devel-1.2.7-38.ppc.rpm krb5-libs-1.2.7-38.ppc.rpm krb5-libs-1.2.7-38.ppc64.rpm krb5-server-1.2.7-38.ppc.rpm krb5-workstation-1.2.7-38.ppc.rpm Red Hat Enterprise Linux AS (v. 3) / s390: krb5-devel-1.2.7-38.s390.rpm krb5-libs-1.2.7-38.s390.rpm krb5-server-1.2.7-38.s390.rpm krb5-workstation-1.2.7-38.s390.rpm Red Hat Enterprise Linux AS (v. 3) / s390x: krb5-devel-1.2.7-38.s390x.rpm krb5-libs-1.2.7-38.s390.rpm krb5-libs-1.2.7-38.s390x.rpm krb5-server-1.2.7-38.s390x.rpm krb5-workstation-1.2.7-38.s390x.rpm Red Hat Enterprise Linux AS (v. 3) / x86_64: krb5-devel-1.2.7-38.x86_64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.x86_64.rpm krb5-server-1.2.7-38.x86_64.rpm krb5-workstation-1.2.7-38.x86_64.rpm Red Hat Enterprise Linux ES (v. 2.1) / SRPMS: krb5-1.2.2-32.src.rpm Red Hat Enterprise Linux ES (v. 2.1) / IA-32: krb5-devel-1.2.2-32.i386.rpm krb5-libs-1.2.2-32.i386.rpm krb5-server-1.2.2-32.i386.rpm krb5-workstation-1.2.2-32.i386.rpm Red Hat Enterprise Linux ES (v. 3) / SRPMS: krb5-1.2.7-38.src.rpm Red Hat Enterprise Linux ES (v. 3) / IA-32: krb5-devel-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.i386.rpm krb5-server-1.2.7-38.i386.rpm krb5-workstation-1.2.7-38.i386.rpm Red Hat Enterprise Linux ES (v. 3) / IA-64: krb5-devel-1.2.7-38.ia64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.ia64.rpm krb5-server-1.2.7-38.ia64.rpm krb5-workstation-1.2.7-38.ia64.rpm Red Hat Enterprise Linux ES (v. 3) / x86_64: krb5-devel-1.2.7-38.x86_64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.x86_64.rpm krb5-server-1.2.7-38.x86_64.rpm krb5-workstation-1.2.7-38.x86_64.rpm Red Hat Enterprise Linux WS (v. 2.1) / SRPMS: krb5-1.2.2-32.src.rpm Red Hat Enterprise Linux WS (v. 2.1) / IA-32: krb5-devel-1.2.2-32.i386.rpm krb5-libs-1.2.2-32.i386.rpm krb5-server-1.2.2-32.i386.rpm krb5-workstation-1.2.2-32.i386.rpm Red Hat Enterprise Linux WS (v. 3) / SRPMS: krb5-1.2.7-38.src.rpm Red Hat Enterprise Linux WS (v. 3) / IA-32: krb5-devel-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.i386.rpm krb5-workstation-1.2.7-38.i386.rpm Red Hat Enterprise Linux WS (v. 3) / IA-64: krb5-devel-1.2.7-38.ia64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.ia64.rpm krb5-workstation-1.2.7-38.ia64.rpm Red Hat Enterprise Linux WS (v. 3) / x86_64: krb5-devel-1.2.7-38.x86_64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.x86_64.rpm krb5-workstation-1.2.7-38.x86_64.rpm Red Hat Linux Advanced Workstation 2.1 Itanium Processor / SRPMS: krb5-1.2.2-32.src.rpm Red Hat Enterprise Linux WS (v. 3) / IA-64: krb5-devel-1.2.2-32.ia64.rpm krb5-libs-1.2.2-32.ia64.rpm krb5-server-1.2.2-32.ia64.rpm krb5-workstation-1.2.2-32.ia64.rpm Red Hat Linux Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Sun SEAM 1.0.1 / Solaris 8 SPARC http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-110060-16-1 x86 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-110061-15-1 Solaris 9 SPARC http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-112921-06-1 x86 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-116046-06-1
Standar resources
Property	Value
CVE	CAN-2004-1189
BID
Other resources
MIT krb5 Security Advisory 2004-004 http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-004-pwhist.txt Mandrakesoft Security Advisories MDKSA-2004:156 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:156 Fedora Linux security advisory FEDORA-2004-563 http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00089.html Fedora Linux security advisory FEDORA-2004-564 http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00090.html Debian Security Advisory DSA-629-1 http://www.debian.org/security/2005/dsa-629 Red Hat Linux Security Advisory RHSA-2005:012-10 https://rhn.redhat.com/errata/RHSA-2005-012.html Red Hat Security Advisory RHSA-2005:045-13 https://rhn.redhat.com/errata/RHSA-2005-045.html Sun(sm) Alert Notification 57712 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57712-1

Version history
Version	Comments	Date
1.0	Aviso emitido	2004-12-22
1.1	Avisos emitidos por Mandrake Linux (MDKSA-2004:156) y Fedora Linux (FEDORA-2004-563, FEDORA-2004-564)	2004-12-23
1.2	Aviso emitido por Debian Linux (DSA-629-1)	2005-01-10
1.3	Aviso emitido por Red Hat Linux (RHSA-2005:012-10)	2005-01-21
1.4	Aviso emitido por Red Hat (RHSA-2005:045-13)	2005-02-16
1.5	Aviso emitido por Sun (57712)	2005-03-04

Vulnerability Bulletins

Compromiso de root en Kerberos V

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history