Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-916-1: Kerberos vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-916-1: Kerberos vulnerabilities
# 1  
Old 03-23-2010
USN-916-1: Kerberos vulnerabilities
Referenced CVEs:
CVE-2010-0283, CVE-2010-0628


Description:
=========================================================== Ubuntu Security Notice USN-916-1 March 23, 2010 krb5 vulnerabilities CVE-2010-0283, CVE-2010-0628 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: krb5-kdc 1.7dfsg~beta3-1ubuntu0.5 libgssapi-krb5-2 1.7dfsg~beta3-1ubuntu0.5 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Emmanuel Bouillon discovered that Kerberos did not correctly handle certain message types. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC to crash, leading to a denial of service. (CVE-2010-0283) Nalin Dahyabhai, Jan iankko Lieskovsky, and Zbysek Mraz discovered that Kerberos did not correctly handle certain GSS packets. An unauthenticated remote attacker could send specially crafted traffic that would cause services using GSS-API to crash, leading to a denial of service. (CVE-2010-0628)





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT CENTOS

sssd_krb5_locator_plugin

SSSD_KRB5_LOCATOR_PL(8) 					 SSSD Manual pages					   SSSD_KRB5_LOCATOR_PL(8)

NAME

       sssd_krb5_locator_plugin - the configuration file for SSSD

DESCRIPTION

       The Kerberos locator plugin sssd_krb5_locator_plugin is used by the Kerberos provider of sssd(8) to tell the Kerberos libraries what Realm
       and which KDC to use. Typically this is done in krb5.conf(5) which is always read by the Kerberos libraries. To simplify the configuration
       the Realm and the KDC can be defined in sssd.conf(5) as described in sssd-krb5(5)

       sssd(8) puts the Realm and the name or IP address of the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively.
       When sssd_krb5_locator_plugin is called by the kerberos libraries it reads and evaluates these variables and returns them to the libraries.

NOTES

       Not all Kerberos implementations support the use of plugins. If sssd_krb5_locator_plugin is not available on your system you have to edit
       /etc/krb5.conf to reflect your Kerberos setup.

       If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value debug messages will be sent to stderr.

SEE ALSO

       sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8),
       sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8),
       sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8).

AUTHORS

       The SSSD upstream - http://fedorahosted.org/sssd

SSSD
								    06/17/2014						   SSSD_KRB5_LOCATOR_PL(8)