Boletines de Vulnerabilidades |
Vulnerabilidad de integridad en Kerberos |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Oficial |
Impacto | Integridad |
Dificultad | Avanzado |
Requerimientos del atacante | Acceso remoto con cuenta |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricante afectado | GNU/Linux |
Software afectado | Kerberos |
Descripción |
|
Se ha encontrado una vulnerabilidad de archivos temporales en la aplicación krb5-send-pr de Kerberos. Un atacante podría crear un archivo temporal que podría permitir que un archivo arbitrario fuera sobreescrito. |
|
Solución |
|
Actualización de software Red Hat Linux Red Hat Desktop (v. 3) / SRPMS: krb5-1.2.7-38.src.rpm Red Hat Desktop (v. 3) / IA-32: krb5-devel-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.i386.rpm krb5-workstation-1.2.7-38.i386.rpm Red Hat Desktop (v. 3) / x86_64: krb5-devel-1.2.7-38.x86_64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.x86_64.rpm krb5-workstation-1.2.7-38.x86_64.rpm Red Hat Enterprise Linux AS (v. 2.1) / SRPMS: krb5-1.2.2-32.src.rpm Red Hat Enterprise Linux AS (v. 2.1) / IA-32: krb5-devel-1.2.2-32.i386.rpm krb5-libs-1.2.2-32.i386.rpm krb5-server-1.2.2-32.i386.rpm krb5-workstation-1.2.2-32.i386.rpm Red Hat Enterprise Linux AS (v. 2.1) / IA-64: krb5-devel-1.2.2-32.ia64.rpm krb5-libs-1.2.2-32.ia64.rpm krb5-server-1.2.2-32.ia64.rpm krb5-workstation-1.2.2-32.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / SRPMS: krb5-1.2.7-38.src.rpm Red Hat Enterprise Linux AS (v. 3) / IA-32: krb5-devel-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.i386.rpm krb5-server-1.2.7-38.i386.rpm krb5-workstation-1.2.7-38.i386.rpm Red Hat Enterprise Linux AS (v. 3) / IA-64: krb5-devel-1.2.7-38.ia64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.ia64.rpm krb5-server-1.2.7-38.ia64.rpm krb5-workstation-1.2.7-38.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / PPC: krb5-devel-1.2.7-38.ppc.rpm krb5-libs-1.2.7-38.ppc.rpm krb5-libs-1.2.7-38.ppc64.rpm krb5-server-1.2.7-38.ppc.rpm krb5-workstation-1.2.7-38.ppc.rpm Red Hat Enterprise Linux AS (v. 3) / s390: krb5-devel-1.2.7-38.s390.rpm krb5-libs-1.2.7-38.s390.rpm krb5-server-1.2.7-38.s390.rpm krb5-workstation-1.2.7-38.s390.rpm Red Hat Enterprise Linux AS (v. 3) / s390x: krb5-devel-1.2.7-38.s390x.rpm krb5-libs-1.2.7-38.s390.rpm krb5-libs-1.2.7-38.s390x.rpm krb5-server-1.2.7-38.s390x.rpm krb5-workstation-1.2.7-38.s390x.rpm Red Hat Enterprise Linux AS (v. 3) / x86_64: krb5-devel-1.2.7-38.x86_64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.x86_64.rpm krb5-server-1.2.7-38.x86_64.rpm krb5-workstation-1.2.7-38.x86_64.rpm Red Hat Enterprise Linux ES (v. 2.1) / SRPMS: krb5-1.2.2-32.src.rpm Red Hat Enterprise Linux ES (v. 2.1) / IA-32: krb5-devel-1.2.2-32.i386.rpm krb5-libs-1.2.2-32.i386.rpm krb5-server-1.2.2-32.i386.rpm krb5-workstation-1.2.2-32.i386.rpm Red Hat Enterprise Linux ES (v. 3) / SRPMS: krb5-1.2.7-38.src.rpm Red Hat Enterprise Linux ES (v. 3) / IA-32: krb5-devel-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.i386.rpm krb5-server-1.2.7-38.i386.rpm krb5-workstation-1.2.7-38.i386.rpm Red Hat Enterprise Linux ES (v. 3) / IA-64: krb5-devel-1.2.7-38.ia64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.ia64.rpm krb5-server-1.2.7-38.ia64.rpm krb5-workstation-1.2.7-38.ia64.rpm Red Hat Enterprise Linux ES (v. 3) / x86_64: krb5-devel-1.2.7-38.x86_64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.x86_64.rpm krb5-server-1.2.7-38.x86_64.rpm krb5-workstation-1.2.7-38.x86_64.rpm Red Hat Enterprise Linux WS (v. 2.1) / SRPMS: krb5-1.2.2-32.src.rpm Red Hat Enterprise Linux WS (v. 2.1) / IA-32: krb5-devel-1.2.2-32.i386.rpm krb5-libs-1.2.2-32.i386.rpm krb5-server-1.2.2-32.i386.rpm krb5-workstation-1.2.2-32.i386.rpm Red Hat Enterprise Linux WS (v. 3) / SRPMS: krb5-1.2.7-38.src.rpm Red Hat Enterprise Linux WS (v. 3) / IA-32: krb5-devel-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.i386.rpm krb5-workstation-1.2.7-38.i386.rpm Red Hat Enterprise Linux WS (v. 3) / IA-64: krb5-devel-1.2.7-38.ia64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.ia64.rpm krb5-workstation-1.2.7-38.ia64.rpm Red Hat Enterprise Linux WS (v. 3) / x86_64: krb5-devel-1.2.7-38.x86_64.rpm krb5-libs-1.2.7-38.i386.rpm krb5-libs-1.2.7-38.x86_64.rpm krb5-workstation-1.2.7-38.x86_64.rpm Red Hat Linux Advanced Workstation 2.1 Itanium Processor / SRPMS: krb5-1.2.2-32.src.rpm Red Hat Enterprise Linux WS (v. 3) / IA-64: krb5-devel-1.2.2-32.ia64.rpm krb5-libs-1.2.2-32.ia64.rpm krb5-server-1.2.2-32.ia64.rpm krb5-workstation-1.2.2-32.ia64.rpm Fedora Linux Fedora Linux Core 2 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ Fedora Linux Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE | CAN-2004-0971 |
BID | 11289 |
Recursos adicionales |
|
Fedora Linux security advisory FEDORA-2004-563 http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00089.html Fedora Linux security advisory FEDORA-2004-564 http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00090.html Red Hat Linux Security Advisory RHSA-2005:012-10 https://rhn.redhat.com/errata/RHSA-2005-012.html |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Aviso emitido | 2005-01-21 |