Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 183338
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Heath Caldwell <hncaldwell@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 183338 depends on: Show dependency tree
Bug 183338 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-06-26 23:11 0000 
* VU#356961 - MIT Kerberos RPC library gssrpc__svcauth_gssapi() uninitialized
pointer free vulnerability
      A vulnerability in the MIT Kerberos administration daemon (kadmind) may
allow an uninitialized pointer to be freed, which may allow a remote,
unauthenticated user to execute arbitrary code. This vulnerability can be
triggered by sending a specially crafted Kerberos message to a vulnerable
system.

    * VU#365313 - MIT Kerberos kadmind RPC library gssrpc__svcauth_unix()
integer conversion error
      An integer conversion error vulnerability exists in the MIT Kerberos
kadmind that may allow a remote, unauthenticated user to execute arbitrary
code.

    * VU#554257 - MIT Kerberos kadmind principal renaming stack buffer overflow
      A stack buffer overflow exists in the way the MIT Kerberos kadmind
handles the principle renaming operation, which may allow a remote,
authenticated user to execute arbitrary code.


Reproducible: Didn't try

Steps to Reproduce:




May also be related to:
CVE-2007-2442 krb5 RPC library unitialized pointer free,                        
CVE-2007-2443 krb5 RPC library stack overflow, and  
CVE-2007-2798 krb5 kadmind buffer overflow,
which are still under review.

------- Comment #1 From Sune Kloppenborg Jeppesen 2007-06-28 04:50:12 0000 ------- 
Kerberos please provide the updated ebuild.

------- Comment #2 From Seemant Kulleen (RETIRED) 2007-07-03 14:48:03 0000 ------- 
mit-krb5-1.5.2-r3 and mit-krb5-1.5.3 both solve this bug.

Please stable both, if possible.

------- Comment #3 From Sune Kloppenborg Jeppesen 2007-07-15 07:43:49 0000 ------- 
Sorry for calling arches SO late, I've been out of the loop for a few weeks.

Arches please test and mark stable mit-krb5-1.5.2-r3 or mit-krb5-1.5.3. Target
keywords are:

"alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86"

------- Comment #4 From Raúl Porcel 2007-07-15 13:09:26 0000 ------- 
alpha/ia64/x86 stable

------- Comment #5 From Steve Dibb 2007-07-15 16:28:36 0000 ------- 
amd64 stable

------- Comment #6 From Tobias Scherbaum 2007-07-15 21:02:06 0000 ------- 
ppc stable

------- Comment #7 From Jeroen Roovers 2007-07-16 07:18:55 0000 ------- 
Both stable for HPPA.

------- Comment #8 From Gustavo Zacarias (RETIRED) 2007-07-16 12:08:17 0000 ------- 
sparc stable.

------- Comment #9 From Markus Rothe 2007-07-16 18:58:12 0000 ------- 
=app-crypt/mit-krb5-1.5.3 stable on ppc64

------- Comment #10 From Raphael Marichez 2007-07-25 22:32:00 0000 ------- 
GLSA 200707-11, thanks to everybody !
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug