Vulnerability Bulletins |
Múltiples ejecuciones de código remoto en Kerberos |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Obtener acceso |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio exotico |
System information |
|
Property | Value |
Affected manufacturer | GNU/Linux |
Affected software |
MIT Kerberos 1.5.3 MIT Kerberos 5 <= 1.6.1 |
Description |
|
Se han encontrado múltiples ejecuciones de código arbitrario en MIT Kerberos. Las vulnerabilidades son descritas a continuación. - CVE-2007-2443: Se ha encontrado una vulnerabilidad en MIT Kerberos 5 en las versiones anteriores a la 1.6.1 incluyendo la misma en la librería RPC en el archivo svc_auth_unix.c. La vulnerabilidad reside en un error de entero sin signo en la función gssrpc__svcauth_unix. Un atacante remoto podría ejecutar código arbitrario mediante un valor de tamaño negativo. - CVE-2007-2798: Se ha encontrado una vulnerabilidad del tipo desbordamiento de pila en MIT Kerberos en las versiones 1.5.3 y 1.6.1 en kadmind. La vulnerabilidad reside en un error en la función rename_principal_2_svc. Un atacante remoto podría ejecutar código arbitrario mediante una peticion especialmente diseñada para renombrar un principal. |
|
Solution |
|
Actualización de software Mandriva Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/ftp-client-krb5-1.3-6.9.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/ftp-server-krb5-1.3-6.9.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/krb5-server-1.3-6.9.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/krb5-workstation-1.3-6.9.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libkrb51-1.3-6.9.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libkrb51-devel-1.3-6.9.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/telnet-client-krb5-1.3-6.9.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/telnet-server-krb5-1.3-6.9.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/krb5-1.3-6.9.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/ftp-client-krb5-1.3-6.9.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/ftp-server-krb5-1.3-6.9.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/krb5-server-1.3-6.9.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/krb5-workstation-1.3-6.9.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64krb51-1.3-6.9.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64krb51-devel-1.3-6.9.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/telnet-client-krb5-1.3-6.9.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/telnet-server-krb5-1.3-6.9.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/krb5-1.3-6.9.C30mdk.src.rpm Multi Network Firewall 2.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/i586/libkrb51-1.3-6.9.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/krb5-1.3-6.9.M20mdk.src.rpm Mandriva Linux 2007 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/ftp-client-krb5-1.4.3-6.2mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/ftp-server-krb5-1.4.3-6.2mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/krb5-server-1.4.3-6.2mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/krb5-workstation-1.4.3-6.2mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/libkrb53-1.4.3-6.2mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/libkrb53-devel-1.4.3-6.2mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/telnet-client-krb5-1.4.3-6.2mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/telnet-server-krb5-1.4.3-6.2mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/krb5-1.4.3-6.2mdv2007.0.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/ftp-client-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/ftp-server-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/krb5-server-1.4.3-6.2mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/krb5-workstation-1.4.3-6.2mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/lib64krb53-1.4.3-6.2mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/lib64krb53-devel-1.4.3-6.2mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/telnet-client-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/telnet-server-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/krb5-1.4.3-6.2mdv2007.0.src.rpm Corporate Server 4.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/ftp-client-krb5-1.4.3-5.3.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/ftp-server-krb5-1.4.3-5.3.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/krb5-server-1.4.3-5.3.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/krb5-workstation-1.4.3-5.3.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/libkrb53-1.4.3-5.3.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/libkrb53-devel-1.4.3-5.3.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/telnet-client-krb5-1.4.3-5.3.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/telnet-server-krb5-1.4.3-5.3.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/SRPMS/krb5-1.4.3-5.3.20060mlcs4.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/krb5-server-1.4.3-5.3.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/krb5-workstation-1.4.3-5.3.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/lib64krb53-1.4.3-5.3.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.3.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/SRPMS/krb5-1.4.3-5.3.20060mlcs4.src.rpm Mandriva Linux 2007.1 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/ftp-client-krb5-1.5.2-6.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/ftp-server-krb5-1.5.2-6.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/krb5-server-1.5.2-6.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/krb5-workstation-1.5.2-6.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/libkrb53-1.5.2-6.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/libkrb53-devel-1.5.2-6.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/telnet-client-krb5-1.5.2-6.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/telnet-server-krb5-1.5.2-6.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/SRPMS/krb5-1.5.2-6.3mdv2007.1.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/ftp-client-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/ftp-server-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/krb5-server-1.5.2-6.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/krb5-workstation-1.5.2-6.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/lib64krb53-1.5.2-6.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/lib64krb53-devel-1.5.2-6.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/telnet-client-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/telnet-server-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/SRPMS/krb5-1.5.2-6.3mdv2007.1.src.rpm Red Hat (RHSA-2007:0562-2) RHEL Desktop Workstation (v. 5 client) Red Hat Desktop (v. 4) Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux Desktop (v. 5 client) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Red Hat (RHSA-2007:0384-4) Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Enterprise Linux WS (v. 3) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor https://rhn.redhat.com/ Sun(102985) Solaris 10 / SPARC / patch 120473-12 Solaris 10 / x86 / patch 120037-22 De momento, no existe parche oficial para esta vulnerabilidad. http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage SGI Advanced Linux Environment 3 / RPM / Patch 10421 ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS Advanced Linux Environment 3 / SRPM / Patch 10421 ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS Debian Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge5.dsc http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge5.diff.gz http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge5_all.deb Alpha http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_alpha.deb AMD64 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_amd64.deb ARM http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_ia64.deb Motorola 680x0 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_m68k.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_m68k.deb Little endian MIPS http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_mipsel.deb IBM S/390 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge5_sparc.deb Debian Linux 4.0 Source http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch2.dsc http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch2.diff.gz http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch2_all.deb Alpha http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_alpha.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_alpha.deb AMD64 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_amd64.deb ARM http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_ia64.deb Little endian MIPS http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch2_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch2_sparc.deb Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux Apple Mac OS 10.3.9 http://www.apple.com/support/downloads/securityupdate20070071039.html Mac OS Server 10.3.9 http://www.apple.com/support/downloads/securityupdate20070071039server.html Mac OS PPC 10.4.10 http://www.apple.com/support/downloads/securityupdate200700710410ppc.html Mac OS Server PPC 10.4.10 http://www.apple.com/support/downloads/securityupdate200700710410serverppc.html Mac OS Universal 10.4.10 http://www.apple.com/support/downloads/securityupdate200700710410universal.html Mac OS Server Universal 10.4.10 http://www.apple.com/support/downloads/securityupdate200700710410serveruniversal.html VMware (VMSA-2007-0006) VMware Workstation 6.0.1 VMware Workstation 5.5.5 http://www.vmware.com/download/ws/ http://www.vmware.com/download/ws/ws5.html VMware Player 2.0.1 VMware Player 1.0.5 http://www.vmware.com/download/server/ VMware Server 1.0.4 http://www.vmware.com/download/server/ VMware ACE 2.0.1 VMware ACE 1.0.4 http://www.vmware.com/download/ace/ VMware ESX 3.0.2 / patches ESX-1001725 ESX-1001731 ESX-1001726 ESX-1001727 ESX-1001728 ESX-1001729 ESX-1001730 VMware ESX 3.0.1 / patches ESX-8258730 ESX-1001213 ESX-1001691 ESX-1001723 ESX-1001214 ESX-1001692 ESX-1001693 ESX-1001694 ESX-8253547 ESX-8567382 VMware ESX 3.0.0 / patches ESX-4809553 ESX-1001204 ESX-1001206 ESX-1001212 ESX-1001205 ESX-1001207 ESX-1001208 ESX-1001209 ESX-1001210 ESX-1001211 VMware ESX 2.5.4 / patch 10 http://www.vmware.com/support/esx25/doc/esx-254-200708-patch.html VMware ESX 2.5.3 / patch 13 http://www.vmware.com/support/esx25/doc/esx-253-200708-patch.html VMware ESX 2.1.3 / patch 8 http://www.vmware.com/support/esx21/doc/esx-213-200708-patch.html VMware ESX 2.0.2 / patch 8 http://www.vmware.com/support/esx2/doc/esx-202-200708-patch.html Hewlett-Packard (HPSBUX02544) B.11.11 (11i v1) / patch PHSS_41166 o posterior B.11.23 (11i v2) / patch PHSS_41167 o posterior B.11.31 (11i v3) / patch PHSS_41168 o posterior URL http://itrc.hp.com |
|
Standar resources |
|
Property | Value |
CVE |
CVE-2007-2443 CVE-2007-2798 |
BID | |
Other resources |
|
Mandriva Security Advisory (MDKSA-2007:137) http://www.mandriva.com/security/advisories?name=MDKSA-2007:137 Red Hat Security Advisory (RHSA-2007:0562-2) https://rhn.redhat.com/errata/RHSA-2007-0562.html Red Hat Security Advisory (RHSA-2007:0384-4) https://rhn.redhat.com/errata/RHSA-2007-0384.html Sun Alert Notification (102985) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102985-1 SGI Security Advisory (20070602-01-P) ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc Debian Security Advisory (DSA 1323-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00084.html SUSE Security Advisory (SUSE-SA:2007:038) http://www.novell.com/linux/security/advisories/2007_38_krb5.html Apple Security Update (306172) http://docs.info.apple.com/article.html?artnum=306172 VMware security advisory (VMSA-2007-0006) http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0356.html HP SECURITY BULLETIN (HPSBUX02544) http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02257427 |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2007-06-27 |
1.1 | Aviso emitido por Sun (102985) | 2007-06-28 |
1.2 | Aviso emitido por SGI (20070602-01-P), aviso emitido por Debian (DSA 1323-1) | 2007-06-29 |
1.3 | Aviso emitido por Suse (SUSE-SA:2007:038) | 2007-07-04 |
1.4 | Aviso actualizado por Sun (102985) | 2007-07-16 |
1.5 | Aviso actualizado por Sun (102985) | 2007-07-20 |
1.6 | Aviso emitido por Apple (306172) | 2007-08-01 |
1.7 | Aviso emitido por VMware (VMSA-2007-0006) | 2007-09-25 |
1.8 | Aviso emitido por HP (HPSBUX02544) | 2010-06-25 |