Description:
The remote host is missing updates announced in advisory CLA-2004:860.
The krb5 packages are MIT's[1] implementation of the Kerberos 5 authentication protocol.
This announcement fixes several vulnerabilities listed in the advisories MITKRB5-SA-2004-001[2], MITKRB5-SA-2004-002[3] and MITKRB5-SA-2004-003[4]:
1. Buffer overflows in krb5_aname_to_localname() (CVE-2004-0523[5])
The krb5_aname_to_localname() library function contains multiple buffer overflow vulnerabilities[5] which could be exploited to gain unauthorized root access. Exploitation of these flaws requires an unusual combination of factors, including successful authentication to a vulnerable service and a non-default configuration on the target service. This announcement updates the fix to use the patch provided by Bill Dodd.
2. Several double-free vulnerabilities in KDC and libraries (CVE-2004-0642[6], CVE-2004-0643[7], CVE-2004-0772[8])
The MIT Kerberos 5 implementation's Key Distribution Center (KDC) program contains a double-free vulnerability that potentially allows a remote attacker to execute arbitrary code. Additionally, double-free vulnerabilities exist in MIT Kerberos 5 library code, making client programs and application servers vulnerable. The vulnerability in krb524d was discovered by Marc Horowitz; the other double-free vulnerabilities were discovered by Will Fiveash and Nico Williams at Sun.
3. ASN.1 decoder denial of service (CVE-2004-0644[9])
Will Fiveash and Nico Williams also found a denial-of-service vulnerability[9] in the ASN.1 decoder library in the MIT Kerberos 5 distribution which could lead to an infinite loop in the decoder. An unauthenticated remote attacker can use it to make a KDC or application server hang inside an infinite loop, and an attacker impersonating a legitimate KDC or application server can use it to make a client program hang in the same way.
Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade'.

References:
[1] http://web.mit.edu/Kerberos/www/index.html
[2] http://web.mit.edu/Kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
[3] http://web.mit.edu/Kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt
[4] http://web.mit.edu/Kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt
[5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0523
[6] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0642
[7] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0643
[8] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0772
[9] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0644
http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:860
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004
Risk factor : Critical
CVSS Score: 10.0