
Vulnerability Bulletins


Integrity vulnerability in Kerberos

Vulnerability classification

Property Value
Confidence level Official
Impact Integrity
Difficulty Advanced
Required attacker level Remote access with account

System information

Property Value
Affected manufacturer GNU/Linux
Affected software Kerberos

Description

A temporary-file vulnerability has been found in the krb5-send-pr application of Kerberos.

An attacker could create a temporary file that could allow an arbitrary file to be overwritten.

Solution



Software update

Red Hat Linux

Red Hat Desktop (v. 3) / SRPMS:
krb5-1.2.7-38.src.rpm

Red Hat Desktop (v. 3) / IA-32:
krb5-devel-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-workstation-1.2.7-38.i386.rpm

Red Hat Desktop (v. 3) / x86_64:
krb5-devel-1.2.7-38.x86_64.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.x86_64.rpm
krb5-workstation-1.2.7-38.x86_64.rpm

Red Hat Enterprise Linux AS (v. 2.1) / SRPMS:
krb5-1.2.2-32.src.rpm

Red Hat Enterprise Linux AS (v. 2.1) / IA-32:
krb5-devel-1.2.2-32.i386.rpm
krb5-libs-1.2.2-32.i386.rpm
krb5-server-1.2.2-32.i386.rpm
krb5-workstation-1.2.2-32.i386.rpm

Red Hat Enterprise Linux AS (v. 2.1) / IA-64:
krb5-devel-1.2.2-32.ia64.rpm
krb5-libs-1.2.2-32.ia64.rpm
krb5-server-1.2.2-32.ia64.rpm
krb5-workstation-1.2.2-32.ia64.rpm

Red Hat Enterprise Linux AS (v. 3) / SRPMS:
krb5-1.2.7-38.src.rpm

Red Hat Enterprise Linux AS (v. 3) / IA-32:
krb5-devel-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-server-1.2.7-38.i386.rpm
krb5-workstation-1.2.7-38.i386.rpm

Red Hat Enterprise Linux AS (v. 3) / IA-64:
krb5-devel-1.2.7-38.ia64.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.ia64.rpm
krb5-server-1.2.7-38.ia64.rpm
krb5-workstation-1.2.7-38.ia64.rpm

Red Hat Enterprise Linux AS (v. 3) / PPC:
krb5-devel-1.2.7-38.ppc.rpm
krb5-libs-1.2.7-38.ppc.rpm
krb5-libs-1.2.7-38.ppc64.rpm
krb5-server-1.2.7-38.ppc.rpm
krb5-workstation-1.2.7-38.ppc.rpm

Red Hat Enterprise Linux AS (v. 3) / s390:
krb5-devel-1.2.7-38.s390.rpm
krb5-libs-1.2.7-38.s390.rpm
krb5-server-1.2.7-38.s390.rpm
krb5-workstation-1.2.7-38.s390.rpm

Red Hat Enterprise Linux AS (v. 3) / s390x:
krb5-devel-1.2.7-38.s390x.rpm
krb5-libs-1.2.7-38.s390.rpm
krb5-libs-1.2.7-38.s390x.rpm
krb5-server-1.2.7-38.s390x.rpm
krb5-workstation-1.2.7-38.s390x.rpm

Red Hat Enterprise Linux AS (v. 3) / x86_64:
krb5-devel-1.2.7-38.x86_64.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.x86_64.rpm
krb5-server-1.2.7-38.x86_64.rpm
krb5-workstation-1.2.7-38.x86_64.rpm

Red Hat Enterprise Linux ES (v. 2.1) / SRPMS:
krb5-1.2.2-32.src.rpm

Red Hat Enterprise Linux ES (v. 2.1) / IA-32:
krb5-devel-1.2.2-32.i386.rpm
krb5-libs-1.2.2-32.i386.rpm
krb5-server-1.2.2-32.i386.rpm
krb5-workstation-1.2.2-32.i386.rpm

Red Hat Enterprise Linux ES (v. 3) / SRPMS:
krb5-1.2.7-38.src.rpm

Red Hat Enterprise Linux ES (v. 3) / IA-32:
krb5-devel-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-server-1.2.7-38.i386.rpm
krb5-workstation-1.2.7-38.i386.rpm

Red Hat Enterprise Linux ES (v. 3) / IA-64:
krb5-devel-1.2.7-38.ia64.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.ia64.rpm
krb5-server-1.2.7-38.ia64.rpm
krb5-workstation-1.2.7-38.ia64.rpm

Red Hat Enterprise Linux ES (v. 3) / x86_64:
krb5-devel-1.2.7-38.x86_64.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.x86_64.rpm
krb5-server-1.2.7-38.x86_64.rpm
krb5-workstation-1.2.7-38.x86_64.rpm

Red Hat Enterprise Linux WS (v. 2.1) / SRPMS:
krb5-1.2.2-32.src.rpm

Red Hat Enterprise Linux WS (v. 2.1) / IA-32:
krb5-devel-1.2.2-32.i386.rpm
krb5-libs-1.2.2-32.i386.rpm
krb5-server-1.2.2-32.i386.rpm
krb5-workstation-1.2.2-32.i386.rpm

Red Hat Enterprise Linux WS (v. 3) / SRPMS:
krb5-1.2.7-38.src.rpm

Red Hat Enterprise Linux WS (v. 3) / IA-32:
krb5-devel-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-workstation-1.2.7-38.i386.rpm

Red Hat Enterprise Linux WS (v. 3) / IA-64:
krb5-devel-1.2.7-38.ia64.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.ia64.rpm
krb5-workstation-1.2.7-38.ia64.rpm

Red Hat Enterprise Linux WS (v. 3) / x86_64:
krb5-devel-1.2.7-38.x86_64.rpm
krb5-libs-1.2.7-38.i386.rpm
krb5-libs-1.2.7-38.x86_64.rpm
krb5-workstation-1.2.7-38.x86_64.rpm

Red Hat Linux Advanced Workstation 2.1 Itanium Processor / SRPMS:
krb5-1.2.2-32.src.rpm

Red Hat Enterprise Linux WS (v. 3) / IA-64:
krb5-devel-1.2.2-32.ia64.rpm
krb5-libs-1.2.2-32.ia64.rpm
krb5-server-1.2.2-32.ia64.rpm
krb5-workstation-1.2.2-32.ia64.rpm

Fedora Linux
Fedora Linux Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
Fedora Linux Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Standard resources

Property Value
CVE CAN-2004-0971
BID 11289

Other resources

Fedora Linux security advisory FEDORA-2004-563
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00089.html

Fedora Linux security advisory FEDORA-2004-564
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00090.html

Red Hat Linux Security Advisory RHSA-2005:012-10
https://rhn.redhat.com/errata/RHSA-2005-012.html

Version history

Version Comments Date
1.0 Advisory issued 2005-01-21
Ministerio de Defensa
CNI
CCN
CCN-CERT