USN-881-1: Kerberos vulnerability


 
01-12-2010

Referenced CVEs:
CVE-2009-4212


Description:
===========================================================
Ubuntu Security Notice USN-881-1           January 12, 2010
krb5 vulnerability
CVE-2009-4212
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libkrb53                        1.4.3-5ubuntu0.10

Ubuntu 8.04 LTS:
  libkrb53                        1.6.dfsg.3~beta1-2ubuntu1.3

Ubuntu 8.10:
  libkrb53                        1.6.dfsg.4~beta1-3ubuntu0.3

Ubuntu 9.04:
  libkrb53                        1.6.dfsg.4~beta1-5ubuntu2.2

Ubuntu 9.10:
  libk5crypto3                    1.7dfsg~beta3-1ubuntu0.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Kerberos did not correctly handle invalid AES
blocks. An unauthenticated remote attacker could send specially crafted
traffic that would crash the KDC service, leading to a denial of service,
or possibly execute arbitrary code with root privileges.





KRB5-CONFIG(1)                General Commands Manual                KRB5-CONFIG(1)

NAME
       krb5-config - tool for linking against MIT Kerberos libraries

SYNOPSIS
       krb5-config [ --help | --all | --version | --vendor | --prefix |
                     --exec-prefix | --cflags | --libs libraries ]

DESCRIPTION
       krb5-config tells the application programmer what special flags to use
       to compile and link programs against the installed Kerberos libraries.

OPTIONS
       --help         print usage message. This is the default.

       --all          prints version, vendor, prefix and exec-prefix.

       --version      prints the version of the installed Kerberos
                      implementation.

       --vendor       prints the vendor of the installed Kerberos
                      implementation.

       --prefix       prints the prefix with which Kerberos was built.

       --exec-prefix  prints the exec-prefix with which Kerberos was built.

       --cflags       prints the compiler flags with which Kerberos was built.

       --libs libraries
                      list compiler options required to link with libraries.
                      Possible values for libraries are:

                      krb5         Kerberos 5 application
                      gssapi       GSSAPI application with Kerberos 5 bindings
                      kadm-client  Kadmin client
                      kadm-server  Kadmin server
                      kdb          Application that accesses the kerberos
                                   database

SEE ALSO
       kerberos(1), cc(1)