183338 2007-06-26 23:11 0000 app-crypt/mit-krb5 uninitialized pointer free, integer conversion, stack buffer overflow (CVE-2007-{2442|2443|2798}) 2007-08-04 11:15:40 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://www.us-cert.gov/cas/techalerts/TA07-177A.html B0? [glsa] jaervosz P2 critical --- 1 hncaldwell@gentoo.org security@gentoo.org henson@acm.org kerberos@gentoo.org mips@gentoo.org hncaldwell@gentoo.org 2007-06-26 23:11:37 0000 * VU#356961 - MIT Kerberos RPC library gssrpc__svcauth_gssapi() uninitialized pointer free vulnerability A vulnerability in the MIT Kerberos administration daemon (kadmind) may allow an uninitialized pointer to be freed, which may allow a remote, unauthenticated user to execute arbitrary code. This vulnerability can be triggered by sending a specially crafted Kerberos message to a vulnerable system. * VU#365313 - MIT Kerberos kadmind RPC library gssrpc__svcauth_unix() integer conversion error An integer conversion error vulnerability exists in the MIT Kerberos kadmind that may allow a remote, unauthenticated user to execute arbitrary code. * VU#554257 - MIT Kerberos kadmind principal renaming stack buffer overflow A stack buffer overflow exists in the way the MIT Kerberos kadmind handles the principle renaming operation, which may allow a remote, authenticated user to execute arbitrary code. Reproducible: Didn't try Steps to Reproduce: May also be related to: CVE-2007-2442 krb5 RPC library unitialized pointer free, CVE-2007-2443 krb5 RPC library stack overflow, and CVE-2007-2798 krb5 kadmind buffer overflow, which are still under review. jaervosz@gentoo.org 2007-06-28 04:50:12 0000 Kerberos please provide the updated ebuild. seemant@gentoo.org 2007-07-03 14:48:03 0000 mit-krb5-1.5.2-r3 and mit-krb5-1.5.3 both solve this bug. Please stable both, if possible. jaervosz@gentoo.org 2007-07-15 07:43:49 0000 Sorry for calling arches SO late, I've been out of the loop for a few weeks. Arches please test and mark stable mit-krb5-1.5.2-r3 or mit-krb5-1.5.3. Target keywords are: "alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86" armin76@gentoo.org 2007-07-15 13:09:26 0000 alpha/ia64/x86 stable beandog@gentoo.org 2007-07-15 16:28:36 0000 amd64 stable dertobi123@gentoo.org 2007-07-15 21:02:06 0000 ppc stable jer@gentoo.org 2007-07-16 07:18:55 0000 Both stable for HPPA. gustavoz@gentoo.org 2007-07-16 12:08:17 0000 sparc stable. corsair@gentoo.org 2007-07-16 18:58:12 0000 =app-crypt/mit-krb5-1.5.3 stable on ppc64 falco@gentoo.org 2007-07-25 22:32:00 0000 GLSA 200707-11, thanks to everybody !