Description: | Description:
The remote host is missing updates announced in advisory FLSA-2005:154276.
Several buffer overflows were possible for all Kerberos versions up to and including 1.3.3 in the krb5_aname_to_localname library function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0523 to this issue.
Several double-free bugs were found in the Kerberos 5 KDC and libraries. A remote attacker could potentially exploit these flaws to execuate arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0642 and CVE-2004-0643 to these issues.
A double-free bug was also found in the krb524 server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0772 to this issue.
An infinite loop bug was found in the Kerberos 5 ASN.1 decoder library. A remote attacker may be able to trigger this flaw and cause a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.
A heap based buffer overflow bug was found in the administration library of Kerberos 1.3.5 and earlier. This bug could allow an authenticated remote attacker to execute arbitrary commands on a realm's master Kerberos KDC. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1189 to this issue.
Additionally a temporary file bug was found in the Kerberos krb5-send-pr program. It is possible that an attacker could create a temporary file that would allow an arbitrary file to be overwritten which the victim has write access to. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0971 to this issue.
The krb5-workstation package includes a Kerberos-aware telnet client. Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-0468 and CVE-2005-0469 to these issues.
All users of krb5 should upgrade to these updated packages, which contain backported security patches to resolve these issues.
Affected platforms: Redhat 7.3 Redhat 9 Fedora Core 1
Solution: https://secure1.securityspace.com/smysecure/catid.html?in=FLSA-2005:154276
Risk factor : Critical
CVSS Score: 10.0
|