Vulnerability Bulletins


Arbitrary command execution with root privileges in Kerberos

Vulnerability classification

Property | Value
Confidence level | Official
Impact | Root compromise
Difficulty | Expert
Required attacker level | Remote access without an account to an exotic service

System information

Property | Value
Affected manufacturer | GNU/Linux
Affected software | MIT Kerberos 5 <= 1.6.1

Description

A vulnerability has been found in MIT Kerberos 5, in versions up to and including 1.6.1, in the gssrpc__svcauth_gssapi function of the RPC library. The vulnerability resides in the implementation of the RPCSEC_GSS API.

A remote attacker could execute arbitrary commands with the privileges of the kadmind daemon, which are normally root privileges, by means of a zero length in the RPC credential.

Solution



Software update

Sun (102914)
Solaris 8 / SPARC / patch 126928-01
Solaris 10 / SPARC / patch 123809-02
Solaris 8 / x86 / patch 126929-01
Solaris 10 / x86 / patch 126837-01
Solaris 9 / SPARC / patch 113318-31
Solaris 9 / x86 / patch 117468-17
http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage

Mandriva

Corporate Server 3.0
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/ftp-client-krb5-1.3-6.9.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/ftp-server-krb5-1.3-6.9.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/krb5-server-1.3-6.9.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/krb5-workstation-1.3-6.9.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libkrb51-1.3-6.9.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libkrb51-devel-1.3-6.9.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/telnet-client-krb5-1.3-6.9.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/telnet-server-krb5-1.3-6.9.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/krb5-1.3-6.9.C30mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/ftp-client-krb5-1.3-6.9.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/ftp-server-krb5-1.3-6.9.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/krb5-server-1.3-6.9.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/krb5-workstation-1.3-6.9.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64krb51-1.3-6.9.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64krb51-devel-1.3-6.9.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/telnet-client-krb5-1.3-6.9.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/telnet-server-krb5-1.3-6.9.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/krb5-1.3-6.9.C30mdk.src.rpm

Multi Network Firewall 2.0
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/i586/libkrb51-1.3-6.9.M20mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/krb5-1.3-6.9.M20mdk.src.rpm

Mandriva Linux 2007
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/ftp-client-krb5-1.4.3-6.2mdv2007.0.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/ftp-server-krb5-1.4.3-6.2mdv2007.0.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/krb5-server-1.4.3-6.2mdv2007.0.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/krb5-workstation-1.4.3-6.2mdv2007.0.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/libkrb53-1.4.3-6.2mdv2007.0.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/libkrb53-devel-1.4.3-6.2mdv2007.0.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/telnet-client-krb5-1.4.3-6.2mdv2007.0.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/telnet-server-krb5-1.4.3-6.2mdv2007.0.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/krb5-1.4.3-6.2mdv2007.0.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/ftp-client-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/ftp-server-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/krb5-server-1.4.3-6.2mdv2007.0.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/krb5-workstation-1.4.3-6.2mdv2007.0.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/lib64krb53-1.4.3-6.2mdv2007.0.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/lib64krb53-devel-1.4.3-6.2mdv2007.0.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/telnet-client-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/telnet-server-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/krb5-1.4.3-6.2mdv2007.0.src.rpm

Corporate Server 4.0
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/ftp-client-krb5-1.4.3-5.3.20060mlcs4.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/ftp-server-krb5-1.4.3-5.3.20060mlcs4.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/krb5-server-1.4.3-5.3.20060mlcs4.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/krb5-workstation-1.4.3-5.3.20060mlcs4.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/libkrb53-1.4.3-5.3.20060mlcs4.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/libkrb53-devel-1.4.3-5.3.20060mlcs4.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/telnet-client-krb5-1.4.3-5.3.20060mlcs4.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/telnet-server-krb5-1.4.3-5.3.20060mlcs4.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/SRPMS/krb5-1.4.3-5.3.20060mlcs4.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/krb5-server-1.4.3-5.3.20060mlcs4.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/krb5-workstation-1.4.3-5.3.20060mlcs4.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/lib64krb53-1.4.3-5.3.20060mlcs4.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.3.20060mlcs4.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/SRPMS/krb5-1.4.3-5.3.20060mlcs4.src.rpm

Mandriva Linux 2007.1
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/ftp-client-krb5-1.5.2-6.3mdv2007.1.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/ftp-server-krb5-1.5.2-6.3mdv2007.1.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/krb5-server-1.5.2-6.3mdv2007.1.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/krb5-workstation-1.5.2-6.3mdv2007.1.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/libkrb53-1.5.2-6.3mdv2007.1.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/libkrb53-devel-1.5.2-6.3mdv2007.1.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/telnet-client-krb5-1.5.2-6.3mdv2007.1.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/telnet-server-krb5-1.5.2-6.3mdv2007.1.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/SRPMS/krb5-1.5.2-6.3mdv2007.1.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/ftp-client-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/ftp-server-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/krb5-server-1.5.2-6.3mdv2007.1.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/krb5-workstation-1.5.2-6.3mdv2007.1.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/lib64krb53-1.5.2-6.3mdv2007.1.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/lib64krb53-devel-1.5.2-6.3mdv2007.1.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/telnet-client-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/telnet-server-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/SRPMS/krb5-1.5.2-6.3mdv2007.1.src.rpm

Red Hat (RHSA-2007:0562-2)
RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
https://rhn.redhat.com/

Red Hat (RHSA-2007:0384-4)
Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
https://rhn.redhat.com/

SGI
Advanced Linux Environment 3 / RPM / Patch 10421
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
Advanced Linux Environment 3 / SRPM / Patch 10421
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS

Debian

Debian Linux 3.1
Source
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge5.dsc
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge5.diff.gz
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz
Architecture independent
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge5_all.deb
Alpha
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_alpha.deb
AMD64
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_amd64.deb
ARM
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_ia64.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_m68k.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_m68k.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_mipsel.deb
IBM S/390
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_sparc.deb

Debian Linux 4.0
Source
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch2.dsc
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch2.diff.gz
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz
Architecture independent
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch2_all.deb
Alpha
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_alpha.deb
AMD64
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_amd64.deb
ARM
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_arm.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_i386.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_ia64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_ia64.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_mipsel.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_powerpc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_s390.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_sparc.deb

Suse Linux
Updates can be downloaded via YaST or from the official Suse Linux FTP server.

Apple
Mac OS 10.3.9
http://www.apple.com/support/downloads/securityupdate20070071039.html
Mac OS Server 10.3.9
http://www.apple.com/support/downloads/securityupdate20070071039server.html
Mac OS PPC 10.4.10
http://www.apple.com/support/downloads/securityupdate200700710410ppc.html
Mac OS Server PPC 10.4.10
http://www.apple.com/support/downloads/securityupdate200700710410serverppc.html
Mac OS Universal 10.4.10
http://www.apple.com/support/downloads/securityupdate200700710410universal.html
Mac OS Server Universal 10.4.10
http://www.apple.com/support/downloads/securityupdate200700710410serveruniversal.html

VMware (VMSA-2007-0006)
VMware Workstation 6.0.1
VMware Workstation 5.5.5
http://www.vmware.com/download/ws/
http://www.vmware.com/download/ws/ws5.html
VMware Player 2.0.1
VMware Player 1.0.5
http://www.vmware.com/download/server/
VMware Server 1.0.4
http://www.vmware.com/download/server/
VMware ACE 2.0.1
VMware ACE 1.0.4
http://www.vmware.com/download/ace/
VMware ESX 3.0.2 / patches ESX-1001725 ESX-1001731 ESX-1001726 ESX-1001727 ESX-1001728 ESX-1001729 ESX-1001730
VMware ESX 3.0.1 / patches ESX-8258730 ESX-1001213 ESX-1001691 ESX-1001723 ESX-1001214 ESX-1001692 ESX-1001693 ESX-1001694 ESX-8253547 ESX-8567382
VMware ESX 3.0.0 / patches ESX-4809553 ESX-1001204 ESX-1001206 ESX-1001212 ESX-1001205 ESX-1001207 ESX-1001208 ESX-1001209 ESX-1001210 ESX-1001211
VMware ESX 2.5.4 / patch 10
http://www.vmware.com/support/esx25/doc/esx-254-200708-patch.html
VMware ESX 2.5.3 / patch 13
http://www.vmware.com/support/esx25/doc/esx-253-200708-patch.html
VMware ESX 2.1.3 / patch 8
http://www.vmware.com/support/esx21/doc/esx-213-200708-patch.html
VMware ESX 2.0.2 / patch 8
http://www.vmware.com/support/esx2/doc/esx-202-200708-patch.html

Hewlett-Packard (HPSBUX02544)
B.11.11 (11i v1) / patch PHSS_41166 or later
B.11.23 (11i v2) / patch PHSS_41167 or later
B.11.31 (11i v3) / patch PHSS_41168 or later
URL http://itrc.hp.com

Standard resources

Property | Value
CVE | CVE-2007-2442
BID |

Other resources

Sun Alert Notification (102914)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1

Mandriva Security Advisory (MDKSA-2007:137)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:137

Red Hat Security Advisory (RHSA-2007:0562-2)
https://rhn.redhat.com/errata/RHSA-2007-0562.html

Red Hat Security Advisory (RHSA-2007:0384-4)
https://rhn.redhat.com/errata/RHSA-2007-0384.html

SGI Security Advisory (20070602-01-P)
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc

Debian Security Advisory (DSA 1323-1)
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00084.html

SUSE Security Advisory (SUSE-SA:2007:038)
http://www.novell.com/linux/security/advisories/2007_38_krb5.html

Apple Security Update (306172)
http://docs.info.apple.com/article.html?artnum=306172

VMware security advisory (VMSA-2007-0006)
http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0356.html

HP SECURITY BULLETIN (HPSBUX02544)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02257427

Version history

Version | Comments | Date
1.0 | Advisory issued | 2007-06-27
1.1 | Advisory issued by SGI (20070602-01-P), advisory issued by Debian (DSA 1323-1) | 2007-06-29
1.2 | Advisory updated by Sun (102914) | 2007-07-03
1.3 | Advisory issued by Suse (SUSE-SA:2007:038) | 2007-07-04
1.4 | Advisory issued by Apple (306172) | 2007-08-01
1.5 | Advisory issued by VMware (VMSA-2007-0006) | 2007-09-25
1.6 | Advisory issued by HP (HPSBUX02544) | 2010-06-25
Ministerio de Defensa
CNI
CCN
CCN-CERT