[gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-200709-01.xml - gentoo-commits

From:	"undefined (vorlon)" <vorlon@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-200709-01.xml
Date:	Tue, 11 Sep 2007 19:50:45
Message-Id:	`E1IVBOt-0000C8-TC@stork.gentoo.org`

1

vorlon      07/09/11 19:27:55

2

3

  Added:                glsa-200709-01.xml

4

  Log:

5

  GLSA 200709-01

6

7

Revision  Changes    Path

8

1.1                  xml/htdocs/security/en/glsa/glsa-200709-01.xml

9

10

file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200709-01.xml?rev=1.1&view=markup

11

plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200709-01.xml?rev=1.1&content-type=text/plain

12

13

Index: glsa-200709-01.xml

14

===================================================================

15

<?xml version="1.0" encoding="utf-8"?>

16

<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>

17

<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>

18

<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">

19

20

<glsa id="200709-01">

21

  <title>MIT Kerberos 5: Multiple vulnerabilities</title>

22

  <synopsis>

23

    Two vulnerabilites have been found in MIT Kerberos 5, which could allow a

24

    remote unauthenticated user to execute arbitrary code with root privileges.

25

  </synopsis>

26

  <product type="ebuild">mit-krb5</product>

27

  <announced>September 11, 2007</announced>

28

  <revised>September 11, 2007: 01</revised>

29

  <bug>191301</bug>

30

  <access>remote</access>

31

  <affected>

32

    <package name="app-crypt/mit-krb5" auto="yes" arch="*">

33

      <unaffected range="ge">1.5.3-r1</unaffected>

34

      <vulnerable range="lt">1.5.3-r1</vulnerable>

35

    </package>

36

  </affected>

37

  <background>

38

<p>

39

    MIT Kerberos 5 is a suite of applications that implement the Kerberos

40

    network protocol. kadmind is the MIT Kerberos 5 administration daemon.

41

    </p>

42

  </background>

43

  <description>

44

<p>

45

    A stack buffer overflow (CVE-2007-3999) has been reported in

46

    svcauth_gss_validate() of the RPC library of kadmind. Another

47

    vulnerability (CVE-2007-4000) has been found in

48

    kadm5_modify_policy_internal(), which does not check the return values

49

    of krb5_db_get_policy() correctly.

50

    </p>

51

  </description>

52

  <impact type="high">

53

<p>

54

    The RPC related vulnerability can be exploited by a remote

55

    unauthenticated attacker to execute arbitrary code with root privileges

56

    on the host running kadmind. The second vulnerability requires the

57

    remote attacker to be authenticated and to have "modify policy"

58

    privileges. It could then also allow for the remote execution of

59

    arbitrary code.

60

    </p>

61

  </impact>

62

  <workaround>

63

<p>

64

    There is no known workaround at this time.

65

    </p>

66

  </workaround>

67

  <resolution>

68

<p>

69

    All MIT Kerberos 5 users should upgrade to the latest version:

70

    </p>

71

    <code>

72

    # emerge --sync

73

    # emerge --ask --oneshot --verbose &quot;&gt;=app-crypt/mit-krb5-1.5.3-r1&quot;</code>

74

  </resolution>

75

  <references>

76

    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999">CVE-2007-3999</uri>

77

    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4000">CVE-2007-4000</uri>

78

  </references>

79

  <metadata tag="requester" timestamp="Sat, 08 Sep 2007 22:29:04 +0000">

80

p-y

81

  </metadata>

82

  <metadata tag="bugReady" timestamp="Sun, 09 Sep 2007 19:22:20 +0000">

83

    jaervosz

84

  </metadata>

85

  <metadata tag="submitter" timestamp="Mon, 10 Sep 2007 18:34:17 +0000">

86

    vorlon

87

  </metadata>

88

</glsa>

--

93

gentoo-commits@g.o mailing list

1	vorlon 07/09/11 19:27:55
2
3	Added: glsa-200709-01.xml
4	Log:
5	GLSA 200709-01
6
7	Revision Changes Path
8	1.1 xml/htdocs/security/en/glsa/glsa-200709-01.xml
9
10	file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200709-01.xml?rev=1.1&view=markup
11	plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200709-01.xml?rev=1.1&content-type=text/plain
12
13	Index: glsa-200709-01.xml
14	===================================================================
15	<?xml version="1.0" encoding="utf-8"?>
16	<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>
17	<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
18	<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
19
20	<glsa id="200709-01">
21	<title>MIT Kerberos 5: Multiple vulnerabilities</title>
22	<synopsis>
23	Two vulnerabilites have been found in MIT Kerberos 5, which could allow a
24	remote unauthenticated user to execute arbitrary code with root privileges.
25	</synopsis>
26	<product type="ebuild">mit-krb5</product>
27	<announced>September 11, 2007</announced>
28	<revised>September 11, 2007: 01</revised>
29	<bug>191301</bug>
30	<access>remote</access>
31	<affected>
32	<package name="app-crypt/mit-krb5" auto="yes" arch="*">
33	<unaffected range="ge">1.5.3-r1</unaffected>
34	<vulnerable range="lt">1.5.3-r1</vulnerable>
35	</package>
36	</affected>
37	<background>
38	<p>
39	MIT Kerberos 5 is a suite of applications that implement the Kerberos
40	network protocol. kadmind is the MIT Kerberos 5 administration daemon.
41	</p>
42	</background>
43	<description>
44	<p>
45	A stack buffer overflow (CVE-2007-3999) has been reported in
46	svcauth_gss_validate() of the RPC library of kadmind. Another
47	vulnerability (CVE-2007-4000) has been found in
48	kadm5_modify_policy_internal(), which does not check the return values
49	of krb5_db_get_policy() correctly.
50	</p>
51	</description>
52	<impact type="high">
53	<p>
54	The RPC related vulnerability can be exploited by a remote
55	unauthenticated attacker to execute arbitrary code with root privileges
56	on the host running kadmind. The second vulnerability requires the
57	remote attacker to be authenticated and to have "modify policy"
58	privileges. It could then also allow for the remote execution of
59	arbitrary code.
60	</p>
61	</impact>
62	<workaround>
63	<p>
64	There is no known workaround at this time.
65	</p>
66	</workaround>
67	<resolution>
68	<p>
69	All MIT Kerberos 5 users should upgrade to the latest version:
70	</p>
71	<code>
72	# emerge --sync
73	# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.5.3-r1"</code>
74	</resolution>
75	<references>
76	<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999">CVE-2007-3999</uri>
77	<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4000">CVE-2007-4000</uri>
78	</references>
79	<metadata tag="requester" timestamp="Sat, 08 Sep 2007 22:29:04 +0000">
80	p-y
81	</metadata>
82	<metadata tag="bugReady" timestamp="Sun, 09 Sep 2007 19:22:20 +0000">
83	jaervosz
84	</metadata>
85	<metadata tag="submitter" timestamp="Mon, 10 Sep 2007 18:34:17 +0000">
86	vorlon
87	</metadata>
88	</glsa>
89
90
91
92	--
93	gentoo-commits@g.o mailing list

Gentoo Archives: gentoo-commits