CentOS Project, CESA-2010:0926
Dec 01, 2010 - 12:43 a.m.

krb5 security update

2010-12-01 00:43:32
CentOS Project
lists.centos.org

CVSS2: 2.6 Low
Attack Vector: NETWORK
Attack Complexity: HIGH
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

CVSS3: 3.7 Low
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score: 5.1 Medium (Confidence: Low)

EPSS: 0.009 Low (Percentile: 82.5%)

CentOS Errata and Security Advisory CESA-2010:0926

Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third party, the Key Distribution Center (KDC).

Multiple checksum validation flaws were discovered in the MIT Kerberos
implementation. A remote attacker could use these flaws to tamper with
certain Kerberos protocol packets and, possibly, bypass authentication
mechanisms in certain configurations using Single-use Authentication
Mechanisms. (CVE-2010-1323)

Red Hat would like to thank the MIT Kerberos Team for reporting these
issues.

All krb5 users should upgrade to these updated packages, which contain a
backported patch to correct these issues. After installing the updated
packages, the krb5kdc daemon will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-December/079365.html
https://lists.centos.org/pipermail/centos-announce/2010-December/079366.html
https://lists.centos.org/pipermail/centos-announce/2010-December/079369.html
https://lists.centos.org/pipermail/centos-announce/2010-December/079370.html
https://lists.centos.org/pipermail/centos-announce/2010-November/079365.html
https://lists.centos.org/pipermail/centos-announce/2010-November/079366.html

Affected packages:
krb5-devel
krb5-libs
krb5-server
krb5-workstation

Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0926
