Gentoo Archives: gentoo-announce

From: Raphael Marichez <falco@g.o>
To: gentoo-announce@g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200707-11 ] MIT Kerberos 5: Arbitrary remote code execution
Date: Wed, 25 Jul 2007 22:24:49
Message-Id: 20070725221122.GD10257@falco.falcal.net
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200707-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: MIT Kerberos 5: Arbitrary remote code execution
      Date: July 25, 2007
      Bugs: #183338
        ID: 200707-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in MIT Kerberos 5 could potentially result in
remote code execution with root privileges by unauthenticated users.

Background
==========

MIT Kerberos 5 is a suite of applications that implement the Kerberos
network protocol.

Affected packages
=================

    -------------------------------------------------------------------
     Package             /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  app-crypt/mit-krb5      < 1.5.2-r3                    >= 1.5.2-r3

Description
===========

kadmind is affected by multiple vulnerabilities in the RPC library
shipped with MIT Kerberos 5. It fails to properly handle zero-length
RPC credentials (CVE-2007-2442) and the RPC library can write past the
end of the stack buffer (CVE-2007-2443). Furthermore, kadmind fails to
do proper bounds checking (CVE-2007-2798).

Impact
======

A remote unauthenticated attacker could exploit these vulnerabilities
to execute arbitrary code with root privileges.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MIT Kerberos 5 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.5.2-r3"

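To confirm which hosts still fall in the vulnerable range from the "Affected packages" table, the following added example (not part of the original advisory or of Portage) compares installed versions against 1.5.2-r3. The function names, host names and sample versions are assumptions made for illustration, and only the plain `X.Y.Z[-rN]` version form is handled.

```python
import re

# Package and first fixed version, from the advisory's "Affected packages" table.
PACKAGE = "app-crypt/mit-krb5"
FIXED = "1.5.2-r3"

# Simplified subset of Gentoo version syntax: dotted integers plus optional -rN.
# Suffixes (_rc, _p, ...), letters and leading zeros are rejected, not guessed at.
_NUM = r"(?:0|[1-9]\d*)"
_VERSION_RE = re.compile(rf"^({_NUM}(?:\.{_NUM})*)(?:-r(\d+))?$")


def parse_version(version):
    """Return ((X, Y, Z), N) for 'X.Y.Z[-rN]'; a missing revision means r0."""
    match = _VERSION_RE.match(version)
    if match is None:
        raise ValueError(f"unsupported version string: {version!r}")
    numbers = tuple(int(part) for part in match.group(1).split("."))
    return numbers, int(match.group(2) or 0)


def is_vulnerable(installed, fixed=FIXED):
    """True when installed < fixed, i.e. inside the advisory's vulnerable range."""
    return parse_version(installed) < parse_version(fixed)


def audit(inventory):
    """Map each host to 'vulnerable', 'patched' or 'review' (unparsed version)."""
    report = {}
    for host, installed in inventory.items():
        try:
            report[host] = "vulnerable" if is_vulnerable(installed) else "patched"
        except ValueError:
            report[host] = "review"
    return report


# Constructed inventory: host names and installed versions are made up.
SAMPLE_INVENTORY = {
    "kdc1": "1.5.2-r2",
    "kdc2": "1.5.2-r3",
    "kdc3": "1.5.2",
    "kdc4": "1.5.2-r10",
    "kdc5": "1.6.1",
    "kdc6": "1.5.3_rc1",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{host}: {PACKAGE}-{SAMPLE_INVENTORY[host]} -> {status}")
```

Hosts reported as "review" carry a version form this simplified comparison does not handle and need to be checked with Portage itself.
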
References
==========

  [ 1 ] CVE-2007-2442
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442
  [ 2 ] CVE-2007-2443
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443
  [ 3 ] CVE-2007-2798
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200707-11.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@g.o or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5