VARIoT IoT vulnerabilities database

VAR-200712-0599 | CVE-2007-5902 | MIT Kerberos Multiple Memory Corruption Vulnerabilities |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等.
Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃.
gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:
void reply(int n, char *fmt, ...)
{
...
(1) int length, kerror; <---- declared length without initializer
if (n) sprintf(in, \"\\%d\\%c\", n, cont_char);
else in[0] = \'\'\0\'\';
strncat(in, buf, sizeof (in) - strlen(in) - 1);
#ifdef KRB5_KRB4_COMPAT
if (strcmp(auth_type, \"KERBEROS_V4\") == 0) {
if (clevel == PROT_P)
length = krb_mk_priv((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
schedule,
&kdata.session,
&ctrl_addr,
&his_addr);
else
length = krb_mk_safe((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
&kdata.session,
&ctrl_addr,
&his_addr);
if (length == -1) {
syslog(LOG_ERR,
\"krb_mk_\\%s failed for
KERBEROS_V4\",
clevel == PROT_P ? \"priv\" :
\"safe\");
fputs(in,stdout);
}
} else
#endif /* KRB5_KRB4_COMPAT */
#ifdef GSSAPI
/* reply (based on level) */
if (strcmp(auth_type, \"GSSAPI\") == 0) {
gss_buffer_desc in_buf, out_buf;
OM_uint32 maj_stat, min_stat;
int conf_state;
in_buf.value = in;
in_buf.length = strlen(in);
maj_stat = gss_seal(&min_stat, gcontext,
clevel == PROT_P, /*
private */
GSS_C_QOP_DEFAULT,
&in_buf, &conf_state,
&out_buf);
if (maj_stat != GSS_S_COMPLETE) {
#if 0
/* Don\'\'t setup an infinite loop */
/* generally need to deal */
secure_gss_error(maj_stat, min_stat,
(clevel==PROT_P)?
\"gss_seal ENC didn\'\'t
complete\":
\"gss_seal MIC didn\'\'t
complete\");
#endif /* 0 */
} else if ((clevel == PROT_P) && !conf_state) {
#if 0
/* Don\'\'t setup an infinite loop */
secure_error(\"GSSAPI didn\'\'t encrypt
message\");
#endif /* 0 */
} else {
memcpy(out, out_buf.value,
length=out_buf.length);
gss_release_buffer(&min_stat,
&out_buf);
}
}
#endif /* GSSAPI */
/* Othe. Multiple memory-corruption vulnerabilities with unknown impacts affect MIT Kerberos 5. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. There are multiple memory corruption vulnerabilities in the implementation of Kerberos, and remote attackers may use these vulnerabilities to cause the service program to crash. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication. (Only Ubuntu 6.06 LTS was
affected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)
Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos
did not correctly verify certain packet structures.
II.DETAILS:
----------
Background
MIT Kerberos 5 is a suite of applications that implement the Kerberos
network protocol.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c.
A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function
gss_indicate_mechs(mi
norStatus, mechSet) in g_initialize.c and a integer overflow
vunerability(CVE-2007-5902)
in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. A
double free vulnerability(CVE-2007-5971)
in function gss_krb5int_make_seal_token_v3 in k5sealv3.c and another
double free vulnerability(CVE-2007-5972)
in function krb5_def_store_mkey in lib/kdb/kdb_default.c.
Impact
Reading uninitialized variables can result in unpredictable behavior,
crashes, or security holes.
Dereferencing,integer overflow and double free may cause instability and
potentially crash.
References
==========
[ 1 ] CVE-2007-5894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[ 2 ] CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
[ 3 ] CVE-2007-5902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902
[ 4 ] CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[ 5 ] CVE-2007-5972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
----------
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
-----------
The information in this bulletin is provided "AS IS" without warranty of
any
kind. In no event shall we be liable for any damages whatsoever
including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab
VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security
Trusted {Solution} Provider
Service
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ===========================================================
Ubuntu Security Notice USN-924-1 April 07, 2010
krb5 vulnerabilities
CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972,
CVE-2010-0629
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4
libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4
Ubuntu 8.10:
krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4
Ubuntu 9.04:
krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3
libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Sol Jerome discovered that the Kerberos kadmind service did not correctly
free memory. An unauthenticated remote attacker could send specially
crafted traffic to crash the kadmind process, leading to a denial of
service. (CVE-2010-0629)
It was discovered that Kerberos did not correctly free memory in
the GSSAPI library. If a remote attacker were able to manipulate an
application using GSSAPI carefully, the service could crash, leading to
a denial of service. (Ubuntu 8.10 was not affected.) (CVE-2007-5901,
CVE-2007-5971)
It was discovered that Kerberos did not correctly free memory in the
GSSAPI and kdb libraries. If a remote attacker were able to manipulate
an application using these libraries carefully, the service could crash,
leading to a denial of service. (Only Ubuntu 8.04 LTS was affected.)
(CVE-2007-5902, CVE-2007-5972)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz
Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc
Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz
Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb
Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 497374 89e647e9beec851c340774d758f6d68c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 64960 abc799e9e887480fc993bdba504af466
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 91866 cfb606d8378283313f5009faa2dec564
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 173246 532692f310673efbd4329d0661811370
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 89348 f12babd06a10b951388d6618288b081d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 60786 d11c67185932d0b746584e0406294a3e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 172640 2de487fc075709f917b2396a053d8bde
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 199412 9063aec6b15eab435032ac249f516a44
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 89356 8e603c181d789500185720f8e35da971
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 211652 121558486b173d309bccbe304b8ec550
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz
Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc
Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb
Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 1474040 289fcb9189903998fe6adb217d111257
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92554 db275139f0715242c7f339b0005f7f65
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 107696 5be51db685dc9d9536765a0771e52223
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 94504 4bbe57034a98573f623870361380055d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 136816 71232407545e52025735e7e630496f84
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 472690 7cf30b9521b99808b48879295b579d07
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 183124 34b361091e4883adf77658c04f431edb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 136772 173deb07bb07502e6d16adc880d27209
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 92538 c696e177873d8255183b7cc50576eb48
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 96700 4980c34839066b9866eacb06fb385d23
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 70360 4904070348252bd4bdd692d85af4249a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 66680 36a33a9765740aa2eab16419017562b0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz
Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc
Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb
Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 108010 397c0979124621bde63b49d55df1951b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 198894 971764b78a61757018f675faaf8d13c2
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 76946 85b0519be431be8228d1b8930ca82032
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 137258 6722093f41aea33c126c60594e91aa89
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 1417102 87153ec02650a379e068d91412027243
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 464142 11481d506c939a4595c5d235768692e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 184990 325f5322d631683068bc6ddc6af35940
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 111146 d4464357b86e371914cc23251c2c1780
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 204756 dd5364842f6604199e2d7698334771ff
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 77438 a18355513e1155b4dc997881878ce816
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 93054 29490c704727e89faf1079f1b517606e
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 61274 1b5b021b7e019641010877555e99058d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 73024 607a1edca12d6130393158fc82b86b28
VAR-200712-0604 | CVE-2007-5971 | MIT Kerberos Multiple Memory Corruption Vulnerabilities |
CVSS V2: 6.9 CVSS V3: - Severity: MEDIUM |
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等.
Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃.
gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:
void reply(int n, char *fmt, ...)
{
...
(1) int length, kerror; <---- declared length without initializer
if (n) sprintf(in, \"\\%d\\%c\", n, cont_char);
else in[0] = \'\'\0\'\';
strncat(in, buf, sizeof (in) - strlen(in) - 1);
#ifdef KRB5_KRB4_COMPAT
if (strcmp(auth_type, \"KERBEROS_V4\") == 0) {
if (clevel == PROT_P)
length = krb_mk_priv((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
schedule,
&kdata.session,
&ctrl_addr,
&his_addr);
else
length = krb_mk_safe((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
&kdata.session,
&ctrl_addr,
&his_addr);
if (length == -1) {
syslog(LOG_ERR,
\"krb_mk_\\%s failed for
KERBEROS_V4\",
clevel == PROT_P ? \"priv\" :
\"safe\");
fputs(in,stdout);
}
} else
#endif /* KRB5_KRB4_COMPAT */
#ifdef GSSAPI
/* reply (based on level) */
if (strcmp(auth_type, \"GSSAPI\") == 0) {
gss_buffer_desc in_buf, out_buf;
OM_uint32 maj_stat, min_stat;
int conf_state;
in_buf.value = in;
in_buf.length = strlen(in);
maj_stat = gss_seal(&min_stat, gcontext,
clevel == PROT_P, /*
private */
GSS_C_QOP_DEFAULT,
&in_buf, &conf_state,
&out_buf);
if (maj_stat != GSS_S_COMPLETE) {
#if 0
/* Don\'\'t setup an infinite loop */
/* generally need to deal */
secure_gss_error(maj_stat, min_stat,
(clevel==PROT_P)?
\"gss_seal ENC didn\'\'t
complete\":
\"gss_seal MIC didn\'\'t
complete\");
#endif /* 0 */
} else if ((clevel == PROT_P) && !conf_state) {
#if 0
/* Don\'\'t setup an infinite loop */
secure_error(\"GSSAPI didn\'\'t encrypt
message\");
#endif /* 0 */
} else {
memcpy(out, out_buf.value,
length=out_buf.length);
gss_release_buffer(&min_stat,
&out_buf);
}
}
#endif /* GSSAPI */
/* Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:070
http://www.mandriva.com/security/
_______________________________________________________________________
Package : krb5
Date : March 19, 2008
Affected: 2007.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
A memory management flaw was found in the GSSAPI library used by
Kerberos that could result in an attempt to free already freed memory,
possibly leading to a crash or allowing the execution of arbitrary code
(CVE-2007-5971).
A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4
protocol packets.
This issue only affects krb5kdc when it has Kerberos v4 protocol
compatibility enabled, which is a compiled-in default in all
Kerberos versions that Mandriva Linux ships prior to Mandriva
Linux 2008.0.
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
ef17fea5e296992fb34b0d00540b4190 2007.0/i586/ftp-client-krb5-1.4.3-7.4mdv2007.0.i586.rpm
dbc47795968f03dff7eb50ff34a63b8d 2007.0/i586/ftp-server-krb5-1.4.3-7.4mdv2007.0.i586.rpm
36f5b4160b9dc7d4393b8bc5f4f0b6fb 2007.0/i586/krb5-server-1.4.3-7.4mdv2007.0.i586.rpm
f76121f223836939aef1f77164a7224d 2007.0/i586/krb5-workstation-1.4.3-7.4mdv2007.0.i586.rpm
65c052a4916406626b3289abdb43e0a6 2007.0/i586/libkrb53-1.4.3-7.4mdv2007.0.i586.rpm
e50117c585a8560813bc93704562e726 2007.0/i586/libkrb53-devel-1.4.3-7.4mdv2007.0.i586.rpm
1f99498d879f9343510479f2791245ac 2007.0/i586/telnet-client-krb5-1.4.3-7.4mdv2007.0.i586.rpm
9ed009750d2bcf738ceefce2e4c69512 2007.0/i586/telnet-server-krb5-1.4.3-7.4mdv2007.0.i586.rpm
9e63ac2d698d562ead71d5dd8c7ae315 2007.0/SRPMS/krb5-1.4.3-7.4mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
029aad278f01c2baef9f93b86b0bc20d 2007.0/x86_64/ftp-client-krb5-1.4.3-7.4mdv2007.0.x86_64.rpm
dae016ff39d8e4d9f517b3197eefd926 2007.0/x86_64/ftp-server-krb5-1.4.3-7.4mdv2007.0.x86_64.rpm
8b3fac7b20798715efdad0d0db6b4472 2007.0/x86_64/krb5-server-1.4.3-7.4mdv2007.0.x86_64.rpm
81f6c05a73c175b581790532aa8572f1 2007.0/x86_64/krb5-workstation-1.4.3-7.4mdv2007.0.x86_64.rpm
41e10d5f06e05ea4cf455a0c3420d09f 2007.0/x86_64/lib64krb53-1.4.3-7.4mdv2007.0.x86_64.rpm
eeebf59564375187f01f628be3ac5132 2007.0/x86_64/lib64krb53-devel-1.4.3-7.4mdv2007.0.x86_64.rpm
cff3b7303e5d157e4ef246867ba396e8 2007.0/x86_64/telnet-client-krb5-1.4.3-7.4mdv2007.0.x86_64.rpm
ee55c784f89a1190efb9ce619ba34227 2007.0/x86_64/telnet-server-krb5-1.4.3-7.4mdv2007.0.x86_64.rpm
9e63ac2d698d562ead71d5dd8c7ae315 2007.0/SRPMS/krb5-1.4.3-7.4mdv2007.0.src.rpm
Corporate 4.0:
d4dcc40949ba7e72823de561b2b5b050 corporate/4.0/i586/ftp-client-krb5-1.4.3-5.6.20060mlcs4.i586.rpm
5e8b8cf4c051f235f2b4a3cc2a8c967c corporate/4.0/i586/ftp-server-krb5-1.4.3-5.6.20060mlcs4.i586.rpm
3c5812da62cc9a0cea89306877386ef7 corporate/4.0/i586/krb5-server-1.4.3-5.6.20060mlcs4.i586.rpm
40b114f22d7109a125cdf5243160c5f1 corporate/4.0/i586/krb5-workstation-1.4.3-5.6.20060mlcs4.i586.rpm
db7506751e5178556652b74d81b06c6d corporate/4.0/i586/libkrb53-1.4.3-5.6.20060mlcs4.i586.rpm
59ec6c3b207538656f2645eb3c0adf6a corporate/4.0/i586/libkrb53-devel-1.4.3-5.6.20060mlcs4.i586.rpm
fe234b5f259def09b88fba24869eba83 corporate/4.0/i586/telnet-client-krb5-1.4.3-5.6.20060mlcs4.i586.rpm
e2b51de61c9a91686e98a05ea98ec05f corporate/4.0/i586/telnet-server-krb5-1.4.3-5.6.20060mlcs4.i586.rpm
6a739594760cabeb536550168eefb333 corporate/4.0/SRPMS/krb5-1.4.3-5.6.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
0b23f077db4f274b061f34eb50f47634 corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.6.20060mlcs4.x86_64.rpm
c70ca9de25fa8c9f7504f344b5be613a corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.6.20060mlcs4.x86_64.rpm
ca075a30dfeb617f808d616bbf420c63 corporate/4.0/x86_64/krb5-server-1.4.3-5.6.20060mlcs4.x86_64.rpm
76ec4cd64c814c9cdf44e7c734f66cd9 corporate/4.0/x86_64/krb5-workstation-1.4.3-5.6.20060mlcs4.x86_64.rpm
8eb62cc682d40a65a4b94aedb326cfc0 corporate/4.0/x86_64/lib64krb53-1.4.3-5.6.20060mlcs4.x86_64.rpm
538eb51b88db5d5a368bdbdf74607501 corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.6.20060mlcs4.x86_64.rpm
c22a1ac95f1a15fb65ee0eec60472936 corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.6.20060mlcs4.x86_64.rpm
b64f38875ba0dbf2441b1fd78dbf585d corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.6.20060mlcs4.x86_64.rpm
6a739594760cabeb536550168eefb333 corporate/4.0/SRPMS/krb5-1.4.3-5.6.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFH4WLsmqjQ0CJFipgRAqPPAKDOpukZQTnwRrBaWSnGspor0gG/LwCg6fPB
/jGRkhAI24wO20EBKKpdYF0=
=Z6Kl
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Background
==========
MIT Kerberos 5 is a suite of applications that implement the Kerberos
network protocol. kadmind is the MIT Kerberos 5 administration daemon,
KDC is the Key Distribution Center.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1
Description
===========
* Two vulnerabilities were found in the Kerberos 4 support in KDC: A
global variable is not set for some incoming message types, leading
to a NULL pointer dereference or a double free() (CVE-2008-0062) and
unused portions of a buffer are not properly cleared when generating
an error message, which results in stack content being contained in a
reply (CVE-2008-0063).
* Jeff Altman (Secure Endpoints) discovered a buffer overflow in the
RPC library server code, used in the kadmin server, caused when too
many file descriptors are opened (CVE-2008-0947). These bugs can only be triggered when Kerberos 4 support is
enabled.
Workaround
==========
Kerberos 4 support can be disabled via disabling the "krb4" USE flag
and recompiling the ebuild, or setting "v4_mode=none" in the
[kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around
the KDC related vulnerabilities.
Resolution
==========
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.6.3-r1"
References
==========
[ 1 ] CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[ 2 ] CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[ 3 ] CVE-2008-0062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
[ 4 ] CVE-2008-0063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
[ 5 ] CVE-2008-0947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-31.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. (Only Ubuntu 6.06 LTS was
affected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)
Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos
did not correctly verify certain packet structures. ----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.
1) The problem is that KDC uses a global variable for all incoming
krb4 requests, but sets the variable only for certain requests.
2) An error exists in KDC when sending responses for krb4 requests.
This can be exploited to disclose potentially sensitive stack memory
via a specially crafted krb4 request.
Successful exploitation of the vulnerabilities requires that krb4
support is enabled in KDC (disabled by default in newer versions).
3) Two errors exist in the Kerberos RPC library when handling open
file descriptors. This can be exploited to cause a memory corruption
via an overly large number of RPC connections.
Successful exploitation of the vulnerability may allow execution of
arbitrary code, but requires that the operating system allows an
overly large number of opened file descriptors, and that "FD_SETSIZE"
is not defined in the system headers for versions prior to 1.3.
Vulnerabilities #1 and #2 are reported in Kerberos 5 versions 1.6.3
and prior. Vulnerability #3 is reported in Kerberos 5 versions 1.2.2
through 1.3, and versions 1.4 through 1.6.3.
SOLUTION:
Apply vendor patches.
http://web.mit.edu/kerberos/advisories/2008-001-patch.txt
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-002.txt
PROVIDED AND/OR DISCOVERED BY:
1) Reported by the vendor.
2) The vendor credits Jeff Altman of Secure Endpoints, and Red Hat
Security Response Team.
ORIGINAL ADVISORY:
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-001.txt
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-002.txt
OTHER REFERENCES:
US-CERT VU#895609:
http://www.kb.cert.org/vuls/id/895609
US-CERT VU#374121:
http://www.kb.cert.org/vuls/id/374121
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c.
A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function
gss_indicate_mechs(mi
norStatus, mechSet) in g_initialize.c and a integer overflow
vunerability(CVE-2007-5902)
in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c.
Impact
Reading uninitialized variables can result in unpredictable behavior,
crashes, or security holes.
Dereferencing,integer overflow and double free may cause instability and
potentially crash.
References
==========
[ 1 ] CVE-2007-5894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[ 2 ] CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
[ 3 ] CVE-2007-5902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902
[ 4 ] CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[ 5 ] CVE-2007-5972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
----------
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
-----------
The information in this bulletin is provided "AS IS" without warranty of
any
kind. In no event shall we be liable for any damages whatsoever
including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab
VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security
Trusted {Solution} Provider
Service
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ===========================================================
Ubuntu Security Notice USN-924-1 April 07, 2010
krb5 vulnerabilities
CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972,
CVE-2010-0629
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4
libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4
Ubuntu 8.10:
krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4
Ubuntu 9.04:
krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3
libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Sol Jerome discovered that the Kerberos kadmind service did not correctly
free memory. (CVE-2010-0629)
It was discovered that Kerberos did not correctly free memory in
the GSSAPI library. (Ubuntu 8.10 was not affected.) (CVE-2007-5901,
CVE-2007-5971)
It was discovered that Kerberos did not correctly free memory in the
GSSAPI and kdb libraries. (Only Ubuntu 8.04 LTS was affected.)
(CVE-2007-5902, CVE-2007-5972)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz
Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc
Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz
Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb
Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 497374 89e647e9beec851c340774d758f6d68c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 64960 abc799e9e887480fc993bdba504af466
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 91866 cfb606d8378283313f5009faa2dec564
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 173246 532692f310673efbd4329d0661811370
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 89348 f12babd06a10b951388d6618288b081d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 60786 d11c67185932d0b746584e0406294a3e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 172640 2de487fc075709f917b2396a053d8bde
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 199412 9063aec6b15eab435032ac249f516a44
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 89356 8e603c181d789500185720f8e35da971
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 211652 121558486b173d309bccbe304b8ec550
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz
Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc
Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb
Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 1474040 289fcb9189903998fe6adb217d111257
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92554 db275139f0715242c7f339b0005f7f65
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 107696 5be51db685dc9d9536765a0771e52223
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 94504 4bbe57034a98573f623870361380055d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 136816 71232407545e52025735e7e630496f84
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 472690 7cf30b9521b99808b48879295b579d07
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 183124 34b361091e4883adf77658c04f431edb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 136772 173deb07bb07502e6d16adc880d27209
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 92538 c696e177873d8255183b7cc50576eb48
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 96700 4980c34839066b9866eacb06fb385d23
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 70360 4904070348252bd4bdd692d85af4249a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 66680 36a33a9765740aa2eab16419017562b0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz
Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc
Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb
Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 108010 397c0979124621bde63b49d55df1951b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 198894 971764b78a61757018f675faaf8d13c2
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 76946 85b0519be431be8228d1b8930ca82032
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 137258 6722093f41aea33c126c60594e91aa89
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 1417102 87153ec02650a379e068d91412027243
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 464142 11481d506c939a4595c5d235768692e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 184990 325f5322d631683068bc6ddc6af35940
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 111146 d4464357b86e371914cc23251c2c1780
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 204756 dd5364842f6604199e2d7698334771ff
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 77438 a18355513e1155b4dc997881878ce816
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 93054 29490c704727e89faf1079f1b517606e
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 61274 1b5b021b7e019641010877555e99058d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 73024 607a1edca12d6130393158fc82b86b28
VAR-200712-0601 | CVE-2007-5972 | MIT Kerberos Multiple Memory Corruption Vulnerabilities |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等.
Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃.
gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:
void reply(int n, char *fmt, ...)
{
...
(1) int length, kerror; <---- declared length without initializer
if (n) sprintf(in, \"\\%d\\%c\", n, cont_char);
else in[0] = \'\'\0\'\';
strncat(in, buf, sizeof (in) - strlen(in) - 1);
#ifdef KRB5_KRB4_COMPAT
if (strcmp(auth_type, \"KERBEROS_V4\") == 0) {
if (clevel == PROT_P)
length = krb_mk_priv((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
schedule,
&kdata.session,
&ctrl_addr,
&his_addr);
else
length = krb_mk_safe((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
&kdata.session,
&ctrl_addr,
&his_addr);
if (length == -1) {
syslog(LOG_ERR,
\"krb_mk_\\%s failed for
KERBEROS_V4\",
clevel == PROT_P ? \"priv\" :
\"safe\");
fputs(in,stdout);
}
} else
#endif /* KRB5_KRB4_COMPAT */
#ifdef GSSAPI
/* reply (based on level) */
if (strcmp(auth_type, \"GSSAPI\") == 0) {
gss_buffer_desc in_buf, out_buf;
OM_uint32 maj_stat, min_stat;
int conf_state;
in_buf.value = in;
in_buf.length = strlen(in);
maj_stat = gss_seal(&min_stat, gcontext,
clevel == PROT_P, /*
private */
GSS_C_QOP_DEFAULT,
&in_buf, &conf_state,
&out_buf);
if (maj_stat != GSS_S_COMPLETE) {
#if 0
/* Don\'\'t setup an infinite loop */
/* generally need to deal */
secure_gss_error(maj_stat, min_stat,
(clevel==PROT_P)?
\"gss_seal ENC didn\'\'t
complete\":
\"gss_seal MIC didn\'\'t
complete\");
#endif /* 0 */
} else if ((clevel == PROT_P) && !conf_state) {
#if 0
/* Don\'\'t setup an infinite loop */
secure_error(\"GSSAPI didn\'\'t encrypt
message\");
#endif /* 0 */
} else {
memcpy(out, out_buf.value,
length=out_buf.length);
gss_release_buffer(&min_stat,
&out_buf);
}
}
#endif /* GSSAPI */
/* Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. There are multiple memory corruption vulnerabilities in the implementation of Kerberos, and remote attackers may use these vulnerabilities to cause the service program to crash. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication.
----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.
Download and test it today:
https://psi.secunia.com/
Read more about this new version:
https://psi.secunia.com/?page=changelog
----------------------------------------------------------------------
TITLE:
SUSE Update for Multiple Packages
SECUNIA ADVISORY ID:
SA28636
VERIFY ADVISORY:
http://secunia.com/advisories/28636/
CRITICAL:
Highly critical
IMPACT:
Security Bypass, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
SUSE Linux 10.1
http://secunia.com/product/10796/
openSUSE 10.2
http://secunia.com/product/13375/
openSUSE 10.3
http://secunia.com/product/16124/
SuSE Linux Enterprise Server 8
http://secunia.com/product/1171/
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SUSE Linux Enterprise Server 10
http://secunia.com/product/12192/
SuSE Linux Openexchange Server 4.x
http://secunia.com/product/2001/
SuSE Linux Standard Server 8
http://secunia.com/product/2526/
DESCRIPTION:
SUSE has issued updates for multiple packages. These fix some
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) and by malicious people to bypass certain
security restrictions, to cause a DoS, or to compromise a user's
system.
For more information:
SA27313
SA28076
SA28129
SA28228
SA28327
SA28358
SA28384
SA28444
SOLUTION:
Updated packages are available via Yast Online Update or the SUSE FTP
server.
ORIGINAL ADVISORY:
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00005.html
OTHER REFERENCES:
SA27313:
http://secunia.com/advisories/27313/
SA28076:
http://secunia.com/advisories/28076/
SA28129:
http://secunia.com/advisories/28129/
SA28228:
http://secunia.com/advisories/28228/
SA28327:
http://secunia.com/advisories/28327/
SA28358:
http://secunia.com/advisories/28358/
SA28384:
http://secunia.com/advisories/28384/
SA28444:
http://secunia.com/advisories/28444/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ----------------------------------------------------------------------
Secunia CSI
+ Microsoft SCCM
-----------------------
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
----------------------------------------------------------------------
TITLE:
Ubuntu update for krb5
SECUNIA ADVISORY ID:
SA39290
VERIFY ADVISORY:
http://secunia.com/advisories/39290/
DESCRIPTION:
Ubuntu has issued an update for krb5. (Only Ubuntu 6.06 LTS was
affected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)
Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos
did not correctly verify certain packet structures. ----------------------------------------------------------------------
Stay Compliant
Alerts, Technical Descriptions, PoC, Links to patches, CVSS, CVE, Changelogs, Alternative Remediation Strategies, and much more provided in the Secunia Vulnerability Intelligence solutions
Free Trial
http://secunia.com/products/corporate/evm/trial/
----------------------------------------------------------------------
TITLE:
Ubuntu update for krb5
SECUNIA ADVISORY ID:
SA39784
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/39784/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=39784
RELEASE DATE:
2010-05-21
DISCUSS ADVISORY:
http://secunia.com/advisories/39784/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/39784/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=39784
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Ubuntu has issued an update for krb5.
II.DETAILS:
----------
Background
MIT Kerberos 5 is a suite of applications that implement the Kerberos
network protocol.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c.
A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function
gss_indicate_mechs(mi
norStatus, mechSet) in g_initialize.c and a integer overflow
vunerability(CVE-2007-5902)
in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. A
double free vulnerability(CVE-2007-5971)
in function gss_krb5int_make_seal_token_v3 in k5sealv3.c and another
double free vulnerability(CVE-2007-5972)
in function krb5_def_store_mkey in lib/kdb/kdb_default.c.
Impact
Reading uninitialized variables can result in unpredictable behavior,
crashes, or security holes.
Dereferencing,integer overflow and double free may cause instability and
potentially crash.
References
==========
[ 1 ] CVE-2007-5894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[ 2 ] CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
[ 3 ] CVE-2007-5902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902
[ 4 ] CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[ 5 ] CVE-2007-5972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
----------
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
-----------
The information in this bulletin is provided "AS IS" without warranty of
any
kind. In no event shall we be liable for any damages whatsoever
including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab
VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security
Trusted {Solution} Provider
Service
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ===========================================================
Ubuntu Security Notice USN-924-1 April 07, 2010
krb5 vulnerabilities
CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972,
CVE-2010-0629
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4
libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4
Ubuntu 8.10:
krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4
Ubuntu 9.04:
krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3
libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Sol Jerome discovered that the Kerberos kadmind service did not correctly
free memory. An unauthenticated remote attacker could send specially
crafted traffic to crash the kadmind process, leading to a denial of
service. (CVE-2010-0629)
It was discovered that Kerberos did not correctly free memory in
the GSSAPI library. If a remote attacker were able to manipulate an
application using GSSAPI carefully, the service could crash, leading to
a denial of service. (Ubuntu 8.10 was not affected.) (CVE-2007-5901,
CVE-2007-5971)
It was discovered that Kerberos did not correctly free memory in the
GSSAPI and kdb libraries. If a remote attacker were able to manipulate
an application using these libraries carefully, the service could crash,
leading to a denial of service. (Only Ubuntu 8.04 LTS was affected.)
(CVE-2007-5902, CVE-2007-5972)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz
Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc
Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz
Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb
Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 497374 89e647e9beec851c340774d758f6d68c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 64960 abc799e9e887480fc993bdba504af466
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 91866 cfb606d8378283313f5009faa2dec564
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 173246 532692f310673efbd4329d0661811370
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 89348 f12babd06a10b951388d6618288b081d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 60786 d11c67185932d0b746584e0406294a3e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 172640 2de487fc075709f917b2396a053d8bde
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 199412 9063aec6b15eab435032ac249f516a44
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 89356 8e603c181d789500185720f8e35da971
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 211652 121558486b173d309bccbe304b8ec550
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz
Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc
Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb
Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 1474040 289fcb9189903998fe6adb217d111257
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92554 db275139f0715242c7f339b0005f7f65
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 107696 5be51db685dc9d9536765a0771e52223
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 94504 4bbe57034a98573f623870361380055d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 136816 71232407545e52025735e7e630496f84
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 472690 7cf30b9521b99808b48879295b579d07
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 183124 34b361091e4883adf77658c04f431edb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 136772 173deb07bb07502e6d16adc880d27209
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 92538 c696e177873d8255183b7cc50576eb48
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 96700 4980c34839066b9866eacb06fb385d23
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 70360 4904070348252bd4bdd692d85af4249a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 66680 36a33a9765740aa2eab16419017562b0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz
Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc
Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb
Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 108010 397c0979124621bde63b49d55df1951b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 198894 971764b78a61757018f675faaf8d13c2
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 76946 85b0519be431be8228d1b8930ca82032
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 137258 6722093f41aea33c126c60594e91aa89
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 1417102 87153ec02650a379e068d91412027243
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 464142 11481d506c939a4595c5d235768692e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 184990 325f5322d631683068bc6ddc6af35940
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 111146 d4464357b86e371914cc23251c2c1780
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 204756 dd5364842f6604199e2d7698334771ff
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 77438 a18355513e1155b4dc997881878ce816
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 93054 29490c704727e89faf1079f1b517606e
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 61274 1b5b021b7e019641010877555e99058d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 73024 607a1edca12d6130393158fc82b86b28
VAR-200712-0605 | CVE-2007-5901 | MIT Kerberos Multiple Memory Corruption Vulnerabilities |
CVSS V2: 6.9 CVSS V3: - Severity: MEDIUM |
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. This problem is probably caused by a typo in the source code.Details of this vulnerability are unknown. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等.
Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃.
gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:
void reply(int n, char *fmt, ...)
{
...
(1) int length, kerror; <---- declared length without initializer
if (n) sprintf(in, \"\\%d\\%c\", n, cont_char);
else in[0] = \'\'\0\'\';
strncat(in, buf, sizeof (in) - strlen(in) - 1);
#ifdef KRB5_KRB4_COMPAT
if (strcmp(auth_type, \"KERBEROS_V4\") == 0) {
if (clevel == PROT_P)
length = krb_mk_priv((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
schedule,
&kdata.session,
&ctrl_addr,
&his_addr);
else
length = krb_mk_safe((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
&kdata.session,
&ctrl_addr,
&his_addr);
if (length == -1) {
syslog(LOG_ERR,
\"krb_mk_\\%s failed for
KERBEROS_V4\",
clevel == PROT_P ? \"priv\" :
\"safe\");
fputs(in,stdout);
}
} else
#endif /* KRB5_KRB4_COMPAT */
#ifdef GSSAPI
/* reply (based on level) */
if (strcmp(auth_type, \"GSSAPI\") == 0) {
gss_buffer_desc in_buf, out_buf;
OM_uint32 maj_stat, min_stat;
int conf_state;
in_buf.value = in;
in_buf.length = strlen(in);
maj_stat = gss_seal(&min_stat, gcontext,
clevel == PROT_P, /*
private */
GSS_C_QOP_DEFAULT,
&in_buf, &conf_state,
&out_buf);
if (maj_stat != GSS_S_COMPLETE) {
#if 0
/* Don\'\'t setup an infinite loop */
/* generally need to deal */
secure_gss_error(maj_stat, min_stat,
(clevel==PROT_P)?
\"gss_seal ENC didn\'\'t
complete\":
\"gss_seal MIC didn\'\'t
complete\");
#endif /* 0 */
} else if ((clevel == PROT_P) && !conf_state) {
#if 0
/* Don\'\'t setup an infinite loop */
secure_error(\"GSSAPI didn\'\'t encrypt
message\");
#endif /* 0 */
} else {
memcpy(out, out_buf.value,
length=out_buf.length);
gss_release_buffer(&min_stat,
&out_buf);
}
}
#endif /* GSSAPI */
/* Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication.
A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4
protocol packets.
This issue only affects krb5kdc when it has Kerberos v4 protocol
compatibility enabled, which is a compiled-in default in all
Kerberos versions that Mandriva Linux ships prior to Mandriva
Linux 2008.0.
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm
11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm
23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm
0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm
8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm
fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm
ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm
8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm
22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm
513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm
4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm
6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm
4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm
b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm
21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm
1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm
22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2008.0:
3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm
1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm
5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm
94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm
695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm
4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm
cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm
d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm
072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm
cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm
9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm
19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm
6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm
dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm
2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm
734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm
787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm
d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm
cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFH4WG/mqjQ0CJFipgRAom/AKDt3NL//QdT6Aw4zm4Ok/TlQjpNLQCeJ2qJ
Hsy0RD3h2ilxoUTodKz7J5k=
=y37y
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
I.
II.
III. Solution
Install updates from your vendor
Check with your vendors for patches or updates. For information about
a vendor, please see the systems affected section in vulnerability
notes VU#895609 and VU#374121 or contact your vendor directly.
Administrators who compile MIT Kerberos from source should refer to
MIT Security Advisory 2008-002 for more information.
IV. References
* US-CERT Vulnerability Note VU#895609 -
<http://www.kb.cert.org/vuls/id/895609>
* US-CERT Vulnerability Note VU#374121 -
<http://www.kb.cert.org/vuls/id/374121>
* MIT krb5 Security Advisory 2008-002 -
<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt2>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA08-079B.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA08-079B Feedback VU#895609" in the
subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2008 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
March 19, 2008: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBR+E+pPRFkHkM87XOAQK1jwf/ZDEomMLCZvsmN7KVXa0Il5PqXlfRvG2Y
jdWPUCi92qmgvm8LdqoNgAUxnUGYzCHLQzw8ebmnz37AMigDNsYIzFHStgnoJDVi
iK6UGC6gHLnGJFuG+otEC9jZaVeIiUbKddB2+vzvmDWLnvIsyxzmHf6lJe0IrZlH
ho/cCgpfRctgZHM5Ke+pPPqMjZZ7u0OUQnM7MIcSsZbKxw8x2CyUpaSiheMDhf8p
8JGyx+nkyvZoja6Ee4WCRq3xtVaUlp/sg8IZYY5nav2VuSh15rJXLJCWDBXUU+oV
aAXPa2JEx5Cn3S0CFz8SIJ4NoLUp09usVMFyeNd57FMBKRjTAC/DBw==
=4wkz
-----END PGP SIGNATURE-----
.
Background
==========
MIT Kerberos 5 is a suite of applications that implement the Kerberos
network protocol. kadmind is the MIT Kerberos 5 administration daemon,
KDC is the Key Distribution Center.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1
Description
===========
* Two vulnerabilities were found in the Kerberos 4 support in KDC: A
global variable is not set for some incoming message types, leading
to a NULL pointer dereference or a double free() (CVE-2008-0062) and
unused portions of a buffer are not properly cleared when generating
an error message, which results in stack content being contained in a
reply (CVE-2008-0063).
* Jeff Altman (Secure Endpoints) discovered a buffer overflow in the
RPC library server code, used in the kadmin server, caused when too
many file descriptors are opened (CVE-2008-0947). These bugs can only be triggered when Kerberos 4 support is
enabled. This
bug can only be triggered in configurations that allow large numbers of
open file descriptors in a process.
Workaround
==========
Kerberos 4 support can be disabled via disabling the "krb4" USE flag
and recompiling the ebuild, or setting "v4_mode=none" in the
[kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around
the KDC related vulnerabilities.
Resolution
==========
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.6.3-r1"
References
==========
[ 1 ] CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[ 2 ] CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[ 3 ] CVE-2008-0062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
[ 4 ] CVE-2008-0063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
[ 5 ] CVE-2008-0947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-31.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c.
A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function
gss_indicate_mechs(mi
norStatus, mechSet) in g_initialize.c and a integer overflow
vunerability(CVE-2007-5902)
in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c.
Impact
Reading uninitialized variables can result in unpredictable behavior,
crashes, or security holes.
Dereferencing,integer overflow and double free may cause instability and
potentially crash.
References
==========
[ 1 ] CVE-2007-5894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[ 2 ] CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
[ 3 ] CVE-2007-5902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902
[ 4 ] CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[ 5 ] CVE-2007-5972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
----------
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
-----------
The information in this bulletin is provided "AS IS" without warranty of
any
kind. In no event shall we be liable for any damages whatsoever
including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab
VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security
Trusted {Solution} Provider
Service
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ===========================================================
Ubuntu Security Notice USN-924-1 April 07, 2010
krb5 vulnerabilities
CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972,
CVE-2010-0629
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4
libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4
Ubuntu 8.10:
krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4
Ubuntu 9.04:
krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3
libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Sol Jerome discovered that the Kerberos kadmind service did not correctly
free memory. (CVE-2010-0629)
It was discovered that Kerberos did not correctly free memory in
the GSSAPI library. (Ubuntu 8.10 was not affected.) (CVE-2007-5901,
CVE-2007-5971)
It was discovered that Kerberos did not correctly free memory in the
GSSAPI and kdb libraries. (Only Ubuntu 8.04 LTS was affected.)
(CVE-2007-5902, CVE-2007-5972)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz
Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc
Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz
Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb
Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 497374 89e647e9beec851c340774d758f6d68c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 64960 abc799e9e887480fc993bdba504af466
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 91866 cfb606d8378283313f5009faa2dec564
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 173246 532692f310673efbd4329d0661811370
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 89348 f12babd06a10b951388d6618288b081d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 60786 d11c67185932d0b746584e0406294a3e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 172640 2de487fc075709f917b2396a053d8bde
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 199412 9063aec6b15eab435032ac249f516a44
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 89356 8e603c181d789500185720f8e35da971
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 211652 121558486b173d309bccbe304b8ec550
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz
Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc
Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb
Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 1474040 289fcb9189903998fe6adb217d111257
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92554 db275139f0715242c7f339b0005f7f65
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 107696 5be51db685dc9d9536765a0771e52223
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 94504 4bbe57034a98573f623870361380055d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 136816 71232407545e52025735e7e630496f84
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 472690 7cf30b9521b99808b48879295b579d07
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 183124 34b361091e4883adf77658c04f431edb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 136772 173deb07bb07502e6d16adc880d27209
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 92538 c696e177873d8255183b7cc50576eb48
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 96700 4980c34839066b9866eacb06fb385d23
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 70360 4904070348252bd4bdd692d85af4249a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 66680 36a33a9765740aa2eab16419017562b0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz
Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc
Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb
Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 108010 397c0979124621bde63b49d55df1951b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 198894 971764b78a61757018f675faaf8d13c2
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 76946 85b0519be431be8228d1b8930ca82032
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 137258 6722093f41aea33c126c60594e91aa89
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 1417102 87153ec02650a379e068d91412027243
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 464142 11481d506c939a4595c5d235768692e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 184990 325f5322d631683068bc6ddc6af35940
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 111146 d4464357b86e371914cc23251c2c1780
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 204756 dd5364842f6604199e2d7698334771ff
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 77438 a18355513e1155b4dc997881878ce816
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 93054 29490c704727e89faf1079f1b517606e
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 61274 1b5b021b7e019641010877555e99058d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 73024 607a1edca12d6130393158fc82b86b28
VAR-200712-0427 | CVE-2007-5894 | MIT Kerberos Multiple Memory Corruption Vulnerabilities |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the uninitialized variable is used. NOTE: the vendor disputes this issue, stating " The 'length' variable is only uninitialized if 'auth_type' is neither the 'KERBEROS_V4' nor 'GSSAPI'; this condition cannot occur in the unmodified source code. MIT Kerberos of kerberos 5 Exists in unspecified vulnerabilities.None.
Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃.
gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:
void reply(int n, char *fmt, ...)
{
...
(1) int length, kerror; <---- declared length without initializer
if (n) sprintf(in, \"\\%d\\%c\", n, cont_char);
else in[0] = \'\'\0\'\';
strncat(in, buf, sizeof (in) - strlen(in) - 1);
#ifdef KRB5_KRB4_COMPAT
if (strcmp(auth_type, \"KERBEROS_V4\") == 0) {
if (clevel == PROT_P)
length = krb_mk_priv((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
schedule,
&kdata.session,
&ctrl_addr,
&his_addr);
else
length = krb_mk_safe((unsigned char
*)in,
(unsigned char
*)out,
strlen(in),
&kdata.session,
&ctrl_addr,
&his_addr);
if (length == -1) {
syslog(LOG_ERR,
\"krb_mk_\\%s failed for
KERBEROS_V4\",
clevel == PROT_P ? \"priv\" :
\"safe\");
fputs(in,stdout);
}
} else
#endif /* KRB5_KRB4_COMPAT */
#ifdef GSSAPI
/* reply (based on level) */
if (strcmp(auth_type, \"GSSAPI\") == 0) {
gss_buffer_desc in_buf, out_buf;
OM_uint32 maj_stat, min_stat;
int conf_state;
in_buf.value = in;
in_buf.length = strlen(in);
maj_stat = gss_seal(&min_stat, gcontext,
clevel == PROT_P, /*
private */
GSS_C_QOP_DEFAULT,
&in_buf, &conf_state,
&out_buf);
if (maj_stat != GSS_S_COMPLETE) {
#if 0
/* Don\'\'t setup an infinite loop */
/* generally need to deal */
secure_gss_error(maj_stat, min_stat,
(clevel==PROT_P)?
\"gss_seal ENC didn\'\'t
complete\":
\"gss_seal MIC didn\'\'t
complete\");
#endif /* 0 */
} else if ((clevel == PROT_P) && !conf_state) {
#if 0
/* Don\'\'t setup an infinite loop */
secure_error(\"GSSAPI didn\'\'t encrypt
message\");
#endif /* 0 */
} else {
memcpy(out, out_buf.value,
length=out_buf.length);
gss_release_buffer(&min_stat,
&out_buf);
}
}
#endif /* GSSAPI */
/* Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication.
----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.
Download and test it today:
https://psi.secunia.com/
Read more about this new version:
https://psi.secunia.com/?page=changelog
----------------------------------------------------------------------
TITLE:
SUSE Update for Multiple Packages
SECUNIA ADVISORY ID:
SA28636
VERIFY ADVISORY:
http://secunia.com/advisories/28636/
CRITICAL:
Highly critical
IMPACT:
Security Bypass, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
SUSE Linux 10.1
http://secunia.com/product/10796/
openSUSE 10.2
http://secunia.com/product/13375/
openSUSE 10.3
http://secunia.com/product/16124/
SuSE Linux Enterprise Server 8
http://secunia.com/product/1171/
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SUSE Linux Enterprise Server 10
http://secunia.com/product/12192/
SuSE Linux Openexchange Server 4.x
http://secunia.com/product/2001/
SuSE Linux Standard Server 8
http://secunia.com/product/2526/
DESCRIPTION:
SUSE has issued updates for multiple packages.
For more information:
SA27313
SA28076
SA28129
SA28228
SA28327
SA28358
SA28384
SA28444
SOLUTION:
Updated packages are available via Yast Online Update or the SUSE FTP
server.
ORIGINAL ADVISORY:
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00005.html
OTHER REFERENCES:
SA27313:
http://secunia.com/advisories/27313/
SA28076:
http://secunia.com/advisories/28076/
SA28129:
http://secunia.com/advisories/28129/
SA28228:
http://secunia.com/advisories/28228/
SA28327:
http://secunia.com/advisories/28327/
SA28358:
http://secunia.com/advisories/28358/
SA28384:
http://secunia.com/advisories/28384/
SA28444:
http://secunia.com/advisories/28444/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-31
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: MIT Kerberos 5: Multiple vulnerabilities
Date: March 24, 2008
Bugs: #199205, #212363
ID: 200803-31
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilites have been found in MIT Kerberos 5, which could
allow a remote unauthenticated user to execute arbitrary code with root
privileges.
Background
==========
MIT Kerberos 5 is a suite of applications that implement the Kerberos
network protocol. kadmind is the MIT Kerberos 5 administration daemon,
KDC is the Key Distribution Center.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1
Description
===========
* Two vulnerabilities were found in the Kerberos 4 support in KDC: A
global variable is not set for some incoming message types, leading
to a NULL pointer dereference or a double free() (CVE-2008-0062) and
unused portions of a buffer are not properly cleared when generating
an error message, which results in stack content being contained in a
reply (CVE-2008-0063).
* Jeff Altman (Secure Endpoints) discovered a buffer overflow in the
RPC library server code, used in the kadmin server, caused when too
many file descriptors are opened (CVE-2008-0947).
* Venustech AD-LAB discovered multiple vulnerabilities in the GSSAPI
library: usage of a freed variable in the gss_indicate_mechs()
function (CVE-2007-5901) and a double free() vulnerability in the
gss_krb5int_make_seal_token_v3() function (CVE-2007-5971).
Impact
======
The first two vulnerabilities can be exploited by a remote
unauthenticated attacker to execute arbitrary code on the host running
krb5kdc, compromise the Kerberos key database or cause a Denial of
Service. These bugs can only be triggered when Kerberos 4 support is
enabled.
The RPC related vulnerability can be exploited by a remote
unauthenticated attacker to crash kadmind, and theoretically execute
arbitrary code with root privileges or cause database corruption. This
bug can only be triggered in configurations that allow large numbers of
open file descriptors in a process.
The GSSAPI vulnerabilities could be exploited by a remote attacker to
cause Denial of Service conditions or possibly execute arbitrary code.
Workaround
==========
Kerberos 4 support can be disabled via disabling the "krb4" USE flag
and recompiling the ebuild, or setting "v4_mode=none" in the
[kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around
the KDC related vulnerabilities.
Resolution
==========
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.6.3-r1"
References
==========
[ 1 ] CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[ 2 ] CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[ 3 ] CVE-2008-0062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
[ 4 ] CVE-2008-0063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
[ 5 ] CVE-2008-0947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-31.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c.
A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function
gss_indicate_mechs(mi
norStatus, mechSet) in g_initialize.c and a integer overflow
vunerability(CVE-2007-5902)
in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c.
Impact
Reading uninitialized variables can result in unpredictable behavior,
crashes, or security holes.
Dereferencing,integer overflow and double free may cause instability and
potentially crash.
References
==========
[ 1 ] CVE-2007-5894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[ 2 ] CVE-2007-5901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
[ 3 ] CVE-2007-5902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902
[ 4 ] CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[ 5 ] CVE-2007-5972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
----------
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
-----------
The information in this bulletin is provided "AS IS" without warranty of
any
kind. In no event shall we be liable for any damages whatsoever
including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab
VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security
Trusted {Solution} Provider
Service
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
VAR-200712-0147 | CVE-2007-6261 | Apple Mac OS X of load_threadstack Integer overflow vulnerability in functions |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
Exploiting this issue allows local, unprivileged users to crash affected kernels, denying further service to legitimate users.
Apple Mac OS X 10.4 and 10.5.1 are vulnerable to this issue; other versions may also be affected. A local attacker can trigger this overflow to cause an infinite loop, and the system will become unresponsive.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
The vulnerability is caused due to an integer overflow error in the
handling of Mach-O binaries and can be exploited to render the system
unresponsive. Other versions may also be affected.
SOLUTION:
Grant only trusted users access to affected systems.
PROVIDED AND/OR DISCOVERED BY:
mu-b
ORIGINAL ADVISORY:
http://www.digit-labs.org/files/exploits/xnu-macho-dos.c
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200712-0158 | CVE-2007-6273 | SonicWALL GLobal VPN Client Format string vulnerability in configuration files |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries. SonicWALL Global VPN Client is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function.
Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application. Failed attempts may cause denial-of-service conditions.
Versions prior to SonicWALL Global VPN Client 4.0.0.830 are affected. Local attackers may use this vulnerability to elevate their privileges.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
The vulnerability is caused due to a format-string error when
processing a VPN configuration file. This can be exploited by e.g.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is confirmed in version 3.1.0.556 and also reported
in version 4.0.0.810. Other versions may also be affected.
SOLUTION:
The vendor has reportedly issued version 4.0.0.830, which fixes the
vulnerability.
PROVIDED AND/OR DISCOVERED BY:
Discovered by lofi42 and reported via SEC Consult.
ORIGINAL ADVISORY:
SEC Consult (20071204-0):
http://www.sec-consult.com/305.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200712-0161 | CVE-2007-6276 | Apple Mac OS X VPND Remote Denial of Service Vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.
An attacker can exploit this issue to crash affected computers, denying service to legitimate users.
This issue affects Apple Mac OS X 10.5; other versions may also be affected.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
The vulnerability is caused due to an error within vpnd when handling
connections and can be exploited to stop the VPN daemon by sending a
specially crafted packet to the service.
Other versions may also be affected.
SOLUTION:
Restrict network access to the VPN daemon to trusted clients.
PROVIDED AND/OR DISCOVERED BY:
mu-b
ORIGINAL ADVISORY:
http://milw0rm.com/exploits/4690
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities. ----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/
----------------------------------------------------------------------
TITLE:
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA30802
VERIFY ADVISORY:
http://secunia.com/advisories/30802/
CRITICAL:
Highly critical
IMPACT:
Security Bypass, Cross Site Scripting, Spoofing, Exposure of
sensitive information, Privilege escalation, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/
DESCRIPTION:
Apple has issued a security update for Mac OS X, which fixes multiple
vulnerabilities and a weakness.
1) An unspecified error in the Alias Manager when handling AFP volume
mount information in an alias data structure can be exploited to cause
a memory corruption and potentially execute arbitrary code.
2) A weakness is caused due to users not being warned before opening
certain potentially unsafe content types, e.g. .xht and .xhtm files.
3) A format string error in c++filt can be exploited to exploited to
execute arbitrary code when a specially crafted string is passed to
the application.
4) An vulnerability in Dock can be exploited by malicious people with
physical access to a system to bypass the screen lock when Expos\xe9 hot
corners are set.
5) A race condition error exists in Launch Services in the download
validation of symbolic links. This can be exploited to execute
arbitrary code when a user visits a malicious web site.
Successful exploitation requires that the "Open 'safe' files" option
is enabled in Safari.
6) A vulnerability in Net-SNMP can be exploited by malicious people
to spoof authenticated SNMPv3 packets.
For more information:
SA30574
7) Some vulnerabilities in Ruby can be exploited by malicious people
to disclose sensitive information, cause a DoS (Denial of Service),
or potentially compromise a vulnerable system.
8) A vulnerability in SMB File Server can be exploited by malicious
people to compromise a vulnerable system.
For more information:
SA30228
9) It is possible to store malicious files within the User Template
directory. This can be exploited to execute arbitrary code with
permissions of a new user when his home directory is created using
the User Template directory.
10) Some vulnerabilities in Tomcat can be exploited by malicious
users to disclose sensitive information and by malicious people to
disclose sensitive information or to conduct cross-site scripting
attacks.
For more information:
SA25678
SA26466
SA27398
SA28878
11) A vulnerability in WebKit can be exploited by malicious people to
compromise a user's system. or apply Security Update 2008-004.
Security Update 2008-004 (PPC):
http://www.apple.com/support/downloads/securityupdate2008004ppc.html
Security Update 2008-004 (Intel):
http://www.apple.com/support/downloads/securityupdate2008004intel.html
Security Update 2008-004 Server (PPC):
http://www.apple.com/support/downloads/securityupdate2008004serverppc.html
Security Update 2008-004 Server (Intel):
http://www.apple.com/support/downloads/securityupdate2008004serverintel.html
Mac OS X 10.5.4 Combo Update:
http://www.apple.com/support/downloads/macosx1054comboupdate.html
Mac OS X 10.5.4 Update:
http://www.apple.com/support/downloads/macosx1054update.html
Mac OS X Server 10.5.4:
http://www.apple.com/support/downloads/macosxserver1054.html
Mac OS X Server Combo 10.5.4:
http://www.apple.com/support/downloads/macosxservercombo1054.html
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
2) Brian Mastenbrook
4) Andrew Cassell, Marine Spill Response Corporation
8) Alin Rad Pop, Secunia Research
9) Andrew Mortensen, University of Michigan
11) James Urquhart
ORIGINAL ADVISORY:
Apple:
http://support.apple.com/kb/HT2163
OTHER REFERENCES:
SA25678:
http://secunia.com/advisories/25678/
SA26466:
http://secunia.com/advisories/26466/
SA27398:
http://secunia.com/advisories/27398/
SA28878:
http://secunia.com/advisories/28878/
SA29232:
http://secunia.com/advisories/29232/
SA29794:
http://secunia.com/advisories/29794/
SA30228:
http://secunia.com/advisories/30228/
SA30574:
http://secunia.com/advisories/30574/
SA30775:
http://secunia.com/advisories/30775/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200712-0047 | CVE-2007-6238 | Windows XP Run on Apple QuickTime Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release advisories with actionable information. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. However, the organization has stated that this is different than CVE-2007-6166.
Very few technical details are currently available. We will update this BID as more information emerges
VAR-200712-0490 | No CVE | Hitachi JP1/Cm2/Network Node Manager Unspecified Cross-Site Scripting Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
Hitachi JP1/Cm2/Network Node Manager are prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
Certain unspecified input is not properly sanitised before being
returned to the user.
Please see the vendor's advisory for a list of affected products and
versions.
SOLUTION:
Please see the vendor's advisory for fix information.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Nobuhiro Tsuji of NTT Data Security Corporation.
ORIGINAL ADVISORY:
http://www.hitachi-support.com/security_e/vuls_e/HS07-040_e/index-e.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200711-0538 | CVE-2007-6203 |
Apache HTTP Server of 413 In the error message HTTP Problems not checking the method properly
Related entries in the VARIoT exploits database: VAR-E-200711-0281 |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918. In order to use this problem to perform cross-site scripting attacks, the attacker is malicious to the user. HTTP It is reported as a prerequisite to have the method submitted.
An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.
Apache 2.0.46 through 2.2.4 are vulnerable; other versions may also be affected. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Apache: Multiple vulnerabilities
Date: March 11, 2008
Bugs: #201163, #204410, #205195, #209899
ID: 200803-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in Apache.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.8 >= 2.2.8
Description
===========
Adrian Pastor and Amir Azam (ProCheckUp) reported that the HTTP Method
specifier header is not properly sanitized when the HTTP return code is
"413 Request Entity too large" (CVE-2007-6203). The mod_proxy_balancer
module does not properly check the balancer name before using it
(CVE-2007-6422). The mod_proxy_ftp does not define a charset in its
answers (CVE-2008-0005). Stefano Di Paola (Minded Security) reported
that filenames are not properly sanitized within the mod_negociation
module (CVE-2008-0455, CVE-2008-0456).
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.8"
References
==========
[ 1 ] CVE-2007-6203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6203
[ 2 ] CVE-2007-6422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422
[ 3 ] CVE-2008-0005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
[ 4 ] CVE-2008-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455
[ 5 ] CVE-2008-0456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-19.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license. ===========================================================
Ubuntu Security Notice USN-731-1 March 10, 2009
apache2 vulnerabilities
CVE-2007-6203, CVE-2007-6420, CVE-2008-1678, CVE-2008-2168,
CVE-2008-2364, CVE-2008-2939
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
apache2-common 2.0.55-4ubuntu2.4
apache2-mpm-perchild 2.0.55-4ubuntu2.4
apache2-mpm-prefork 2.0.55-4ubuntu2.4
apache2-mpm-worker 2.0.55-4ubuntu2.4
Ubuntu 7.10:
apache2-mpm-event 2.2.4-3ubuntu0.2
apache2-mpm-perchild 2.2.4-3ubuntu0.2
apache2-mpm-prefork 2.2.4-3ubuntu0.2
apache2-mpm-worker 2.2.4-3ubuntu0.2
apache2.2-common 2.2.4-3ubuntu0.2
Ubuntu 8.04 LTS:
apache2-mpm-event 2.2.8-1ubuntu0.4
apache2-mpm-perchild 2.2.8-1ubuntu0.4
apache2-mpm-prefork 2.2.8-1ubuntu0.4
apache2-mpm-worker 2.2.8-1ubuntu0.4
apache2.2-common 2.2.8-1ubuntu0.4
In general, a standard system upgrade is sufficient to effect the
necessary changes. With cross-site scripting vulnerabilities, if a user were tricked into
viewing server output during a crafted server request, a remote attacker could
exploit this to modify the contents, or steal confidential data (such as
passwords), within the same domain. This issue only affected Ubuntu 6.06 LTS and
7.10. (CVE-2007-6203)
It was discovered that Apache was vulnerable to a cross-site request forgery
(CSRF) in the mod_proxy_balancer balancer manager. If an Apache administrator
were tricked into clicking a link on a specially crafted web page, an attacker
could trigger commands that could modify the balancer manager configuration.
This issue only affected Ubuntu 7.10 and 8.04 LTS. (CVE-2007-6420)
It was discovered that Apache had a memory leak when using mod_ssl with
compression. A remote attacker could exploit this to exhaust server memory,
leading to a denial of service. This issue only affected Ubuntu 7.10.
(CVE-2008-1678)
It was discovered that in certain conditions, Apache did not specify a default
character set when returning certain error messages containing UTF-7 encoded
data, which could result in browsers becoming vulnerable to cross-site scripting
attacks when processing the output. This issue only affected Ubuntu 6.06 LTS and
7.10. (CVE-2008-2168)
It was discovered that when configured as a proxy server, Apache did not limit
the number of forwarded interim responses. A malicious remote server could send
a large number of interim responses and cause a denial of service via memory
exhaustion. (CVE-2008-2364)
It was discovered that mod_proxy_ftp did not sanitize wildcard pathnames when
they are returned in directory listings, which could result in browsers becoming
vulnerable to cross-site scripting attacks when processing the output.
(CVE-2008-2939)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.diff.gz
Size/MD5: 123478 7a5b444231dc27ee60c1bd63f42420c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.dsc
Size/MD5: 1156 4f9a0f31d136914cf7d6e1a92656a47b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.4_all.deb
Size/MD5: 2124948 5153435633998e4190b54eb101afd271
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 833336 d5b9ecf82467eb04a94957321c4a95a2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 228588 f4b9b82016eb22a60da83ae716fd028a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 223600 2cf77e3daaadcc4e07da5e19ecac2867
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 228216 60ff106ddefe9b68c055825bcd6ec52f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 171724 bae5e3d30111e97d34b25594993ad488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 172508 77bdf00092378c89ae8be7f5139963e0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 94562 f3a168c57db1f5be11cfdba0bdc20062
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 36618 a7f34da28f7bae0cffb3fdb73da70143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 286028 a5b380d9c6a651fe043ad2358ef61143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 144590 9a4031c258cfa264fb8baf305bc0cea6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 786528 353ed1839a8201d0211ede114565e60d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 203256 7b0caa06fd47a28a8a92d1b69c0b4667
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 199114 6a77314579722ca085726e4220be4e9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 202654 ffad2838e3c8c79ecd7e21f79aa78216
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 171716 771492b2b238424e33e3e7853185c0ca
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 172498 b5f7a4ed03ebafa4c4ff75c05ebf53b7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 92520 787a673994d746b4ad3788c16516832a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 36620 4d5f0f18c3035f41cb8234af3cc1092c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 262082 d6a7111b9f2ed61e1aeb2f18f8713873
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 132518 5a335222829c066cb9a0ddcaeee8a0da
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 859446 cf555341c1a8b4a39808b8a3bd76e03a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 220622 85b902b9eecf3d40577d9e1e8bf61467
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 216314 146e689e30c6e1681048f6cf1dd659e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 220128 10f65b3961a164e070d2f18d610df67b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 171726 9e341f225cb19d5c44f343cc68c0bba5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 172512 331dff8d3de7cd694d8e115417bed4f8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 104284 7ab80f14cd9072d23389e27f934079f3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 36620 713bfffcca8ec4e9531c635069f1cd0d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 281600 ad1671807965e2291b5568c7b4e95e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 141744 6b04155aa1dbf6f657dbfa27d6086617
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 803706 f14be1535acf528f89d301c8ec092015
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 211028 28b74d86e10301276cadef208b460658
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 206566 6d6b2e1e3e0bbf8fc0a0bcca60a33339
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 210280 45690384f2e7e0a2168d7867283f9145
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 171732 6595a330344087593a9443b9cdf5e4ba
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 172498 f1ac3a442b21db9d2733e8221b218e25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 93606 f229d1c258363d2d0dfb3688ec96638e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 36616 6f470e2e17dfc6d587fbe2bf861bfb06
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 268178 5a853d01127853405a677c53dc2bf254
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 130456 a0a51bb9405224948b88903779347427
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.diff.gz
Size/MD5: 125080 c5c1b91f6918d42a75d23e95799b3707
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.dsc
Size/MD5: 1333 b028e602b998a666681d1aa73b980c06
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.2_all.deb
Size/MD5: 2211750 9dc3a7e0431fe603bbd82bf647d2d1f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.2_all.deb
Size/MD5: 278670 985dd1538d0d2c6bb74c458eaada1cb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.2_all.deb
Size/MD5: 6702036 3cdb5e1a9d22d7172adfd066dd42d71a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2_all.deb
Size/MD5: 42846 ba7b0cbf7f33ac3b6321c132bc2fec71
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 457286 b37825dc4bb0215284181aa5dfc9dd44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 453094 380ea917048a64c2c9bc12d768ac2ffa
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 456804 b075ef4e563a55c7977af4d82d90e493
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 410658 6dff5030f33af340b2100e8591598d9d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 411244 9c79a2c0a2d4d8a88fae1b3f10d0e27c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 348256 ef1e159b64fe2524dc94b6ab9e22cefb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 992256 0e9bac368bc57637079f839bcce8ebbc
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 440388 bdb2ced3ca782cda345fcfb109e8b02a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 436030 44d372ff590a6e42a83bcd1fb5e546fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 439732 5119be595fb6ac6f9dd94d01353da257
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 410656 01be0eca15fe252bbcab7562462af5ca
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 411250 10d8929e9d37050488f2906fde13b2fd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 347322 d229c56720ae5f1f83645f66e1bfbdf1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 947460 3dc120127b16134b42e0124a1fdfa4ab
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 439896 8e856643ebeed84ffbeb6150f6e917c5
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 435524 ce18d9e09185526c93c6af6db7a6b5cf
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 439180 9622bf2dfee7941533faedd2e2d4ebbd
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 410674 684ad4367bc9250468351b5807dee424
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 411258 17f53e8d3898607ce155dc333237690c
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 347664 1197aa4145372ae6db497fb157cb0da1
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 939924 470a7163e2834781b2db0689750ce0f2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 458848 4efbbcc96f05a03301a13448f9cb3c01
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 454226 1fe4c7712fd4597ed37730a27df95113
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 458134 5786d901931cecd340cc1879e27bcef7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 410676 9fc94d5b21a8b0f7f8aab9dc60339abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 411266 c44cde12a002910f9df02c10cdd26b0c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 367392 612ddcebee145f765163a0b30124393a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 1094288 72fd7d87f4876648d1e14a5022c61b00
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 441650 28e5a2c2d18239c0810b6de3584af221
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 437796 3ee7408c58fbdf8de6bf681970c1c9ad
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 441114 b1b1bb871fe0385ea4418d533f0669aa
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 410676 cf7bed097f63e3c24337813621866498
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 411252 5a30177f7039f52783576e126cf042d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 350468 ce216a4e9739966cd2aca4262ba0ea4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 959090 98ad8ee7328f25e1e81e110bbfce10c2
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.diff.gz
Size/MD5: 132376 1a3c4e93f08a23c3a3323cb02f5963b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.dsc
Size/MD5: 1379 ed1a1e5de71b0e35100f60b21f959db4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz
Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.4_all.deb
Size/MD5: 1928164 86b52d997fe3e4baf9712be0562eed2d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.4_all.deb
Size/MD5: 72176 1f4efe37abf317c3c42c4c0a79a4f232
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.4_all.deb
Size/MD5: 6254152 fe271b0e4aa0cf80e99b866c23707b6a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4_all.deb
Size/MD5: 45090 3f44651df13cfd495d7c33dda1c709ea
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 252272 3d27b0311303e7c5912538fb7d4fc37c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 247850 1ce7ff6190c21da119d98b7568f2e5d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 251658 ac7bc78b449cf8d28d4c10478c6f1409
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 204658 66e95c370f2662082f3ec41e4a033877
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 205336 6b1e7e0ab97b7dd4470c153275f1109c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 140940 cad14e08ab48ca8eb06480c0db686779
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 801764 3759103e3417d44bea8866399ba34a66
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 235194 dddbc62f458d9f1935087a072e1c6f67
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 230748 db0a1dc277de5886655ad7b1cc5b0f1a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 234542 0e4997e9ed55d6086c439948cf1347ff
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 204672 1f58383838b3b9f066e855af9f4e47e0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 205348 fa032fc136c5b26ccf364289a93a1cda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 139904 b503316d420ccb7efae5082368b95e01
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 754788 140fddccc1a6d3dc743d37ab422438c2
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 234752 bc06d67259257109fe8fc17204bc9950
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 230424 9421376c8f6d64e5c87af4f484b8aacf
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 233908 179236460d7b7b71dff5e1d1ac9f0509
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 204664 764d773d28d032767d697eec6c6fd50a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 205342 2891770939b51b1ca6b8ac8ca9142db1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 140478 4a062088427f1d8b731e06d64eb7e2ea
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 748672 b66dbda7126616894cf97eb93a959af9
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 253368 bad43203ed4615216bf28f6da7feb81b
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 248800 aa757fd46cd79543a020dcd3c6aa1b26
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 252904 682a940b7f3d14333037c80f7f01c793
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 204678 30af6c826869b647bc60ed2d99cc30f7
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 205376 cd02ca263703a6049a6fe7e11f72c98a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 157662 df6cdceecb8ae9d25bbd614142da0151
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 904904 34581d1b3c448a5de72a06393557dd48
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 236418 2eda543f97646f966f5678e2f2a0ba90
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 232386 69e2419f27867b77d94a652a83478ad7
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 235788 414a49286d9e8dd7b343bd9207dc727b
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 204668 f7d099cd9d3ebc0baccbdd896c94a88f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 205352 0a5cb5dfd823b4e6708a9bcc633a90cd
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 143108 ad78ead4ac992aec97983704b1a3877f
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 763946 0d40a8ebecfef8c1a099f2170fcddb73
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01905287
Version: 1
HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS) Cross-Site Scripting (XSS) Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-10-21
Last Updated: 2009-10-21
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
References: CVE-2006-3918, CVE-2007-4465, CVE-2007-6203, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2364, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658.
HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.05
HP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.12
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2007-4465 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2007-6203 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-0599 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2008-2168 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-2364 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2008-2371 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2008-2665 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2008-2666 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2008-2829 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2008-2939 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-3658 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2008-3659 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4
CVE-2008-3660 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2008-5498 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2008-5557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2008-5624 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2008-5625 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2008-5658 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following upgrades to resolve these vulnerabilities.
The upgrades are available from the following location:
URL http://software.hp.com
Note: HP-UX Web Server Suite v3.06 contains HP-UX Apache-based Web Server v2.2.8.05
Note: HP-UX Web Server Suite v2.27 contains HP-UX Apache-based Web Server v2.0.59.12
Web Server Suite Version
HP-UX Release
Depot name
Web Server v3.06
B.11.23 and B.11.31 PA-32
HPUX22SATW-1123-32.depot
Web Server v3.06
B.11.23 and B.11.31 IA-64
HPUX22SATW-1123-64.depot
Web Server v2.27
B.11.11 PA-32
HPUXSATW-1111-64-32.depot
Web Server v2.27
B.11.23 PA-32 and IA-64
HPUXWSATW-1123-64-bit.depot
Web Server v2.27
B.11.31 IA-32 and IA-64
HPUXSATW-1131-64.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server from the Apache Web Server Suite v2.27 or subsequent
or
Install Apache-based Web Server from the Apache Web Server Suite v3.06 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For Web Server Suite before v3.06
HP-UX B.11.23
==================
hpuxws22APACHE.APACHE
hpuxws22APACHE.APACHE2
hpuxws22APACHE.AUTH_LDAP
hpuxws22APACHE.AUTH_LDAP2
hpuxws22APACHE.MOD_JK
hpuxws22APACHE.MOD_JK2
hpuxws22APACHE.MOD_PERL
hpuxws22APACHE.MOD_PERL2
hpuxws22APACHE.PHP
hpuxws22APACHE.PHP2
action: install revision B.2.2.8.05 or subsequent
HP-UX B.11.31
==================
hpuxws22APCH32.APACHE
hpuxws22APCH32.APACHE2
hpuxws22APCH32.AUTH_LDAP
hpuxws22APCH32.AUTH_LDAP2
hpuxws22APCH32.MOD_JK
hpuxws22APCH32.MOD_JK2
hpuxws22APCH32.MOD_PERL
hpuxws22APCH32.MOD_PERL2
hpuxws22APCH32.PHP
hpuxws22APCH32.PHP2
hpuxws22APCH32.WEBPROXY
hpuxws22APCH32.WEBPROXY2
action: install revision B.2.2.8.05 or subsequent
For Web Server Suite before v2.27
HP-UX B.11.11
==================
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
action: install revision B.2.0.59.12 or subsequent
HP-UX B.11.23
==================
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
action: install revision B.2.0.59.12 or subsequent
HP-UX B.11.31
==================
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
action: install revision B.2.0.59.12 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 21 October 2009 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters
of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEUEARECAAYFAkrguYgACgkQ4B86/C0qfVliOACWIZufVcaJyE/ap8OAmQqT87S7
hQCeKCPftsEV+4JPzQKz4B+EnYzQsJ0=
=TAoy
-----END PGP SIGNATURE-----
VAR-200803-0003 | CVE-2007-6704 | F5 FirePass Vulnerable to cross-site scripting |
CVSS V2: 2.6 CVSS V3: - Severity: LOW |
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker to steal cookie-based authentication credentials and to launch other attacks.
F5 Networks FirePass 4100 SSL VPNs running these firmware versions are vulnerable:
5.4.1 through 5.5.2
6.0
6.0.1.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
Input passed via the URL to my.activation.php3 and my.logon.php3 is
not properly sanitised before being returned to the user.
The vulnerabilities are reported in FirePass versions 5.4.1 to 5.5.2
and FirePass versions 6.0 to 6.0.1.
SOLUTION:
The vendor has issued cumulative hotfix HF-601-6 for version 6.0.1:
https://support.f5.com/kb/en-us/solutions/public/7000/900/SOL7923.html
Filter malicious characters and character sequences in a web proxy.
PROVIDED AND/OR DISCOVERED BY:
Adrian Pastor, Jan Fry, and Richard Brain of ProCheckUp Ltd.
ORIGINAL ADVISORY:
F5:
https://support.f5.com/kb/en-us/solutions/public/7000/900/SOL7923.html
Procheckup Ltd:
http://www.procheckup.com/Vulnerability_PR07-14.php
http://www.procheckup.com/Vulnerability_PR07-15.php
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200712-0035 | CVE-2007-6226 | APC AP7932 0u 30amp Switched Rack PDU Vulnerable to login access |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits. APC Switched Rack PDUs (Power Distribution Units) are prone to an authentication-bypass vulnerability.
Attackers can exploit this issue to gain unauthorized access to affected devices. Successful exploits will allow attackers to control the power distribution to rack-mounted computer equipment. Attackers could leverage this to cause denial-of-service conditions and possibly physical damage.
The following firmware versions running on PDU part number AP9732 are vulnerable:
rpdu 3.5.5
aos 3.5.6
Other versions and devices may also be affected. A remote attacker bypasses authentication and gains registration access with the help of registration attempts from different customer usages
VAR-200711-0089 | CVE-2007-6190 | Cisco Unified IP Phone of HTTP Eavesdropping vulnerability in daemon |
CVSS V2: 3.5 CVSS V3: - Severity: LOW |
The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an ExecuteItem element that specifies a Real-Time Transport Protocol (RTP) audio stream. Cisco Unified IP Phone is prone to a vulnerability that allows eavesdropping.
An attacker can exploit this issue to transmit or receive audio stream data to an unsuspecting victim.
Successfully exploiting this issue will allow the attacker to access sensitive information. If the attack is successful, the IP phone will turn on the microphone status light, and the phone will display an off-hook icon to indicate that a call is in progress.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions:
http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
----------------------------------------------------------------------
TITLE:
Cisco Unified IP Phone Extension Mobility Weakness
SECUNIA ADVISORY ID:
SA27829
VERIFY ADVISORY:
http://secunia.com/advisories/27829/
CRITICAL:
Not critical
IMPACT:
Security Bypass
WHERE:
>From local network
OPERATING SYSTEM:
Cisco IP Phone 7900 Series
http://secunia.com/product/2809/
DESCRIPTION:
Joffrey Czarney has reported a weakness in Cisco Unified IP Phones,
which can be exploited by malicious people to bypass certain security
restrictions.
The problem is that the Extension Mobility authentication credentials
are not encrypted when communicating with the internal web server of
an IP phone. This can be exploited to sniff the authentication
credentials and perform various actions on a target IP phone (e.g.
remotely login/logout a user or eavesdrop on calls).
Successful exploitation requires that the Extension Mobility feature
is enabled (not enabled by default).
The weakness affects all Cisco IP Phones that support the Extension
Mobility feature.
SOLUTION:
The vendor has provided some workaround to mitigate this issue.
Please see the vendor's advisory for details.
PROVIDED AND/OR DISCOVERED BY:
Joffrey Czarney, Telindus
ORIGINAL ADVISORY:
Cisco (100252):
http://www.cisco.com/warp/public/707/cisco-sr-20071128-phone.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200711-0065 | CVE-2007-6166 | Apple QuickTime RTSP Content-Type header stack buffer overflow |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. Apple QuickTime RTSP of Content-Type A stack buffer overflow vulnerability exists in the handling of headers. Winodws Plate and Mac Edition QuickTime Are affected by this vulnerability. Also, iTunes Such QuickTime Systems that have installed software that uses Microsoft are also affected by this vulnerability. In addition, verification code that exploits this vulnerability has already been published.Crafted by a remote third party RTSP stream Arbitrary code could be executed when a user connects to.
This issue occurs when handling specially crafted RTSP Response headers.
Attackers can leverage this issue to execute arbitrary machine code in the context of the user running the affected application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions.
UPDATE (December 4, 2007): Attackers are exploiting this issue through the Second Life Viewer to steal Linden dollars from unsuspecting victims. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats.
I. Most versions of
QuickTime prior to and including 7.3 running on all supported Apple
Mac OS X and Microsoft Windows platforms are vulnerable.
An attacker could exploit this vulnerability by convincing a user to
access a specially crafted HTML document such as a web page or email
message. The HTML document could use a variety of techniques to cause
QuickTime to load a specially crafted RTSP stream. Common web
browsers, including Microsoft Internet Explorer, Mozilla Firefox, and
Apple Safari can be used to pass RTSP streams to QuickTime, exploit
the vulnerability, and execute arbitrary code.
Exploit code for this vulnerability was first posted publicly on
November 25, 2007.
II.
III. To block attack vectors, consider the following
workarounds.
Block the rtsp:// protocol
Using a proxy or firewall capable of recognizing and blocking RTSP
traffic can mitigate this vulnerability. Known public exploit code for
this vulnerability uses the default RTSP port 554/tcp, however RTSP
can use a variety of ports.
Disable file association for QuickTime files
Disable the file association for QuickTime file types. This can be
accomplished by deleting the following registry keys:
HKEY_CLASSES_ROOT\QuickTime.*
This will remove the association for approximately 32 file types that
are configured to open with QuickTime Player.
Disable the QuickTime ActiveX controls in Internet Explorer
The QuickTime ActiveX controls can be disabled in Internet Explorer by
setting the kill bit for the following CLSIDs:
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
{4063BE15-3B08-470D-A0D5-B37161CFFD69}
More information about how to set the kill bit is available in
Microsoft Knolwedgebase Article 240797. Alternatively, the following
text can be saved as a .REG file and imported to set the kill bit for
these controls:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
Compatibility\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
Compatibility\{4063BE15-3B08-470D-A0D5-B37161CFFD69}]
"Compatibility Flags"=dword:00000400
Disable the QuickTime plug-in for Mozilla-based browsers
Users of Mozilla-based browsers, such as Firefox can disable the
QuickTime plugin, as specified in the PluginDoc article Uninstalling
Plugins.
Disable JavaScript
For instructions on how to disable JavaScript, please refer to the
Securing Your Web Browser document. This can help prevent some attack
techniques that use the QuickTime plug-in or ActiveX control.
Secure your web browser
To help mitigate these and other vulnerabilities that can be exploited
via a web browser, refer to Securing Your Web Browser.
Do not access QuickTime files from untrusted sources
Do not open QuickTime files from any untrusted sources, including
unsolicited files or links received in email, instant messages, web
forums, or internet relay chat (IRC) channels.
References
* US-CERT Vulnerability Note VU#659761 - <http://www.kb.cert.org/vuls/id/659761>
* Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>
* Mozilla Uninstalling Plugins - <http://plugindoc.mozdev.org/faqs/uninstall.html>
* How to stop an ActiveX control from running in Internet Explorer - <http://support.microsoft.com/kb/240797>
* IETF RFC 2326 Real Time Streaming Protocol - <http://tools.ietf.org/html/rfc2326>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-334A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA07-334A Feedback VU#659761" in the
subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
November 30, 2007: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBR1ArKvRFkHkM87XOAQJg7wf/X4wAipFWO2ZJ5MdPzTwzE+x1OUIJxenP
cFuLApajAMZ33yAyTTjA0sYhKveYhxSwqQTetEPiAWp5r/KPkJL5ugkeSvtzbAgf
U6rsCICcRpjPJ7IjqsW/u6Hk2PBVqWwgip+FhZG5J5mjRPUdRr3JbmKlsEm/XDxi
+ENxwrAgcoQHkLn76xn/9+1vTbI3zxi0GoyAR+GIFzs+Fsn+LazMCCrDI4ltPMnS
c+Qpa3/qkOC+svz63yyHBjhq6eT2HQBP/X/50syweUOf4SrpDOdexX+mRPr03i6+
9byGzjid5sObMAbpH1AzCtiDB56ai3zf+G5qV0uK2ziXihvNEn7JKA==
=Jc+L
-----END PGP SIGNATURE-----
.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively. tricked into opening a malicious QTL
file or visiting a malicious web site.
The vulnerability is confirmed in version 7.3.
SOLUTION:
Do not browse untrusted websites, follow untrusted links, nor open
untrusted QTL files.
PROVIDED AND/OR DISCOVERED BY:
h07
ORIGINAL ADVISORY:
http://www.milw0rm.com/exploits/4648
OTHER REFERENCES:
VU#659761:
http://www.kb.cert.org/vuls/id/659761
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.
Note: This update removes the affected binary Quicktime library. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Win32 binary codecs: Multiple vulnerabilities
Date: March 04, 2008
Bugs: #150288
ID: 200803-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities in the Win32 codecs for Linux may result in
the remote execution of arbitrary code.
Background
==========
Win32 binary codecs provide support for video and audio playback.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/win32codecs < 20071007-r2 >= 20071007-r2
Description
===========
Multiple buffer overflow, heap overflow, and integer overflow
vulnerabilities were discovered in the Quicktime plugin when processing
MOV, FLC, SGI, H.264 and FPX files.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Win32 binary codecs users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
">=media-libs/win32codecs-20071007-r2"
Note: Since no updated binary versions have been released, the
Quicktime libraries have been removed from the package. Please use the
free alternative Quicktime implementations within VLC, MPlayer or Xine
for playback.
References
==========
[ 1 ] CVE-2006-4382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382
[ 2 ] CVE-2006-4384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384
[ 3 ] CVE-2006-4385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385
[ 4 ] CVE-2006-4386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386
[ 5 ] CVE-2006-4388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388
[ 6 ] CVE-2006-4389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389
[ 7 ] CVE-2007-4674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674
[ 8 ] CVE-2007-6166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-08.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
VAR-200711-0182 | CVE-2007-6146 | Hitachi JP1/File Transmission Server/FTP Denial Of Service Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-02 on Windows might allow remote attackers to cause a denial of service (service stop) via a "specific file" argument to an FTP command. Hitachi JP1/File Transmission Server/FTP is prone to a denial-of-service vulnerability due to an unspecified error.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions:
http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
----------------------------------------------------------------------
TITLE:
JP1/File Transmission Server/FTP Authentication Bypass and DoS
SECUNIA ADVISORY ID:
SA27735
VERIFY ADVISORY:
http://secunia.com/advisories/27735/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, DoS
WHERE:
>From remote
SOFTWARE:
Hitachi JP1/File Transmission Server/FTP
http://secunia.com/product/3821/
DESCRIPTION:
Two vulnerabilities have been reported in JP1/File Transmission
Server/FTP, which can be exploited by malicious users to cause a DoS
(Denial of Service) and by malicious people to bypass certain
security restrictions.
1) An unspecified error can be exploited to bypass authentication and
view files in a specific directory.
The vulnerability affects HP-UX, HP-UX(IPF), AIX, Solaris, Linux,
Linux(IPF), HP-UX(English version), and HI-UX/WE2.
The vulnerability affects Windows(x86), Windows(IPF), Windows(English
version), and Windows9X.
SOLUTION:
Update to the latest versions (please see vendor advisories for
details).
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.hitachi-support.com/security_e/vuls_e/HS07-037_e/index-e.html
http://www.hitachi-support.com/security_e/vuls_e/HS07-038_e/index-e.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200711-0431 | No CVE | Hitachi JP1 / File Transmission Server / FTP Bypass Authentication and Denial of Service Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
JP1 / File Transmission Server / FTP is an FTP-based file transfer server designed by Hitachi.
JP1 / File Transmission Server / FTP has vulnerabilities in processing abnormal user requests. Remote attackers may use the vulnerabilities to obtain sensitive information or cause denial of service.
Remote users can bypass authentication on the JP1 / File Transmission Server / FTP server to view files in a specific directory; in addition, if a special FTP command is issued, it may cause a denial of service.
VAR-200711-0181 | CVE-2007-6145 | Hitachi JP1/File Transmission Server/FTP Authentication Bypass Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01 allows remote attackers to bypass authentication and "view files" via unspecified vectors.
Attackers can exploit this issue to bypass security restrictions and obtain potentially sensitive information that could aid in further attacks.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions:
http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
----------------------------------------------------------------------
TITLE:
JP1/File Transmission Server/FTP Authentication Bypass and DoS
SECUNIA ADVISORY ID:
SA27735
VERIFY ADVISORY:
http://secunia.com/advisories/27735/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, DoS
WHERE:
>From remote
SOFTWARE:
Hitachi JP1/File Transmission Server/FTP
http://secunia.com/product/3821/
DESCRIPTION:
Two vulnerabilities have been reported in JP1/File Transmission
Server/FTP, which can be exploited by malicious users to cause a DoS
(Denial of Service) and by malicious people to bypass certain
security restrictions.
The vulnerability affects HP-UX, HP-UX(IPF), AIX, Solaris, Linux,
Linux(IPF), HP-UX(English version), and HI-UX/WE2.
2) An error in the processing of an unspecified FTP command can be
exploited to stop the FTP service via a specially crafted file.
The vulnerability affects Windows(x86), Windows(IPF), Windows(English
version), and Windows9X.
SOLUTION:
Update to the latest versions (please see vendor advisories for
details).
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.hitachi-support.com/security_e/vuls_e/HS07-037_e/index-e.html
http://www.hitachi-support.com/security_e/vuls_e/HS07-038_e/index-e.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200711-0146 | CVE-2007-6099 | Ingate Firewall and SIParator Vulnerable to unauthorized operation |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities. Ingate Siparator is prone to a denial-of-service vulnerability. Unknown vulnerabilities exist in Ingate Firewall and SIParator
VAR-200711-0210 | CVE-2007-6033 |
Invensys Wonderware InTouch creates insecure NetDDE share
Related entries in the VARIoT exploits database: VAR-E-200711-0386 |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs. Invensys Wonderware InTouch is prone to a privilege-escalation vulnerability because of poor default permissions on a NetDDE share.
Attackers can exploit this issue to execute arbitrary applications that accept NetDDE connections. This can compromise the application and possibly the underlying computer.
InTouch 8.0 is vulnerable.
----------------------------------------------------------------------
2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions:
http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
----------------------------------------------------------------------
TITLE:
Invensys Wonderware InTouch Insecure NetDDE Share Permissions
Security Issue
SECUNIA ADVISORY ID:
SA27751
VERIFY ADVISORY:
http://secunia.com/advisories/27751/
CRITICAL:
Less critical
IMPACT:
System access
WHERE:
>From local network
SOFTWARE:
Invensys Wonderware InTouch 8.x
http://secunia.com/product/16628/
DESCRIPTION:
A security issue has been reported in Invensys Wonderware InTouch,
which potentially can be exploited by malicious users to compromise a
vulnerable system.
The security issue is reported in version 8.0.
SOLUTION:
Apply updates or upgrade to version 9.0 or later (see vendor's
advisory for details).
PROVIDED AND/OR DISCOVERED BY:
Discovered by Neutralbit and reported via US-CERT with assistance
from Digital Bond.
ORIGINAL ADVISORY:
Wonderware:
http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
US-CERT VU#138633:
http://www.kb.cert.org/vuls/id/138633
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------