It seems there's a buffer overflow in MIT's Kerberos 5. "The krb5_aname_to_localname() library function contains multiple buffer overflows which could be exploited to gain unauthorized root access. Exploitation of these flaws requires an unusual combination of factors, including successful authentication to a vulnerable service and a non-default configuration on the target service. (See MITIGATING FACTORS below.) No exploits are known to exist yet." It seems that most servers will not be configured in a way that makes them vulnerable, but if vulnerable, an authenticated user could execute code remotely. See the advisory for more information. Reproducible: Always
Patch for 1.3.3 available at: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt netmon: please apply patch and bump to 1.3.3-r1
kerberos vuln.. who would have ever guessed
Patch has been recently updated at given URL. netmon does not have much time for the moment, so security can apply patch with their blessing. If anyone with commit feels like it...
netmon herd: if you have more availability now to patch this, as no one in the security team has stepped up yet... We are getting quite late.
Sorry this took so long; I haven't done any security-related bugs before, but seeing as no one else has worked on this, could everyone please test 1.3.3-r1 which I just put into portage with the suggested patch?
Thank you Jon. Adding all arches for testing: please test and mark app-crypt/mit-krb5-1.3.3-r1 stable.
Stable on alpha.
Stable on sparc.
Stable on hppa.
GLSA drafted: security please review. x86 ppc amd64 please mark stable asap.
sorry for delay, marked arm stable
btw, wtf is this for:
CFLAGS=`echo ${CFLAGS} | xargs`
CXXFLAGS=`echo ${CXXFLAGS} | xargs`
LDFLAGS=`echo ${LDFLAGS} | xargs`
We're getting very late on that one. Other distributions have had advisories out since June 2... x86, ppc, amd64: please mark stable so that the GLSA can go out... or report why you can't mark stable.
I have tested this on stable x86 servers and other systems - it works fine. I marked it stable on x86 since I got tired of waiting.
stable on amd64.
Stable on mips yesterday, removing CC.
Eventually marked ppc, sorry but I was busy
This is ready for GLSA publication. ia64, ppc64, s390: don't forget to mark stable to benefit from the GLSA.
GLSA 200406-21
1.3.1-r1 marked stable on ppc64