English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2005-52
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 26 Apr 2005
 Last revised: 26 Apr 2005

 Package: krb5

 Summary: Two buffer overflow vulnerabilities exist in krb5

 More information:
    Kerberos V5 is a trusted-third-party network authentication system,
    which can improve your network's security by eliminating the use of
    insecure cleartext passwords.

    The buffer overflow vulnerabilities exist in telnet clients of krb5.

 Impact:
    The telnet clients allows remote attackers to execute arbitrary code via responses.

 Affected Products:
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server

 Solution:
    Please use the turbopkg (zabom) tool to apply the update. 
 ---------------------------------------------
 [Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., 
  Turbolinux Home]
 # turbopkg
 or
 # zabom -u krb5-devel krb5-libs krb5-server krb5-workstation

 [other]
 # turbopkg
 or
 # zabom update krb5-devel krb5-libs krb5-server krb5-workstation
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   krb5-1.2.5-18.src.rpm
      5519472 900512ff99a20bdcbbe69e782a671c04

   Binary Packages
   Size: MD5

   krb5-devel-1.2.5-18.i586.rpm
       538594 243a675acc6aba38641d1a5da1ecc04f
   krb5-libs-1.2.5-18.i586.rpm
       639233 d33b35b24de27b31b0081c8dc297acef

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   krb5-1.2.5-18.src.rpm
      5519472 31f0c47ce519b06a206a1e2f70a2757e

   Binary Packages
   Size: MD5

   krb5-devel-1.2.5-18.i586.rpm
       538570 45eb8f3de7e2f2d46490a9e70dc85077
   krb5-libs-1.2.5-18.i586.rpm
       638407 b6f40e4b62c29a6b5e777f711e5399e7

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/krb5-1.3.4-10.src.rpm
      6399491 1046c2bb5566120ebec50e625843ba4b

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/krb5-debug-1.3.4-10.i586.rpm
      4015252 9d46dc7011bc074b9a6fbca786952f53
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/krb5-devel-1.3.4-10.i586.rpm
       655311 4bc281299d64f3e11134d2b40cdb6ba7
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/krb5-libs-1.3.4-10.i586.rpm
       431665 df8ca024c3625283e9d335a1796b43f0
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/krb5-server-1.3.4-10.i586.rpm
       779563 7e531354016676443e04fbbcd361631c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/krb5-workstation-1.3.4-10.i586.rpm
       839268 00404946b436d1970274ee7ac9cf1d4d

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/krb5-1.2.5-18.src.rpm
      5519472 ffd42d387b096a32caa12fa418b283c6

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/krb5-devel-1.2.5-18.i586.rpm
       578358 71fd4dce17c324b479ed4ddca5e90963
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/krb5-libs-1.2.5-18.i586.rpm
       343394 58422caf94dc2f6746e37772b4e8345c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/krb5-server-1.2.5-18.i586.rpm
       602208 d93f512514868f9e3215d8d87ceddc9a
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/krb5-workstation-1.2.5-18.i586.rpm
       591765 bcc8ce4107acb3cad8dc0c174b4a0e09

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/krb5-1.2.5-18.src.rpm
      5519472 2eecee1b24c95331517e248d9d4dadaa

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/krb5-devel-1.2.5-18.i586.rpm
       576810 70b3d38d19eb9e03e4795a239f6728b4
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/krb5-libs-1.2.5-18.i586.rpm
       639002 442bb06f745c37154b83326f8b311298
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/krb5-server-1.2.5-18.i586.rpm
       603351 ecfe330d46ef252b8bd2188229622c18
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/krb5-workstation-1.2.5-18.i586.rpm
       602619 4c7ce1ee7c8fb1267805351c43428f19


 References:

 CVE
   [CAN-2005-0468]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468
   [CAN-2005-0469]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469

 --------------------------------------------------------------------------
 Revision History
    26 Apr 2005 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2005 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFCbgdNK0LzjOqIJMwRAmlsAKCJKWXcIES2saaxko+w9lT5yVJpkgCgmrdE
JG5rWrAS+t6cWUKRYbB4QdE=
=bEk6
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.