ID KERBEROS5_ISSUES.NASL Type nessus Reporter This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. Modified 2021-01-02T00:00:00
Description
The remote host is running Kerberos 5.
There are multiple flaws that affect this product. Make sure you are
running the latest version with the latest patches.
Note that Nessus could not check for any of the flaws and solely
relied on the presence of the service to issue an alert, so this might
be a false positive.
#
# (C) Tenable Network Security, Inc.
#
# This script simply attempts to log into the realm FR.NESSUS.ORG
# with a username of "whatever". It does not check for any flaw (which
# is bad), but that may change in the future.
#
include("compat.inc");
if (description)
{
script_id(11512);
script_version("1.26");
script_cvs_date("Date: 2018/07/12 19:01:16");
script_cve_id(
"CVE-2002-0036",
"CVE-2003-0059",
"CVE-2003-0060",
"CVE-2003-0072",
"CVE-2003-0082",
"CVE-2003-0138",
"CVE-2003-0139",
"CVE-2004-0642",
"CVE-2004-0643",
"CVE-2004-0644",
"CVE-2004-0772"
);
script_bugtraq_id(
6712,
6713,
6714,
7184,
7185,
11078,
11079
);
script_xref(name:"RHSA", value:"2003:091-01");
script_name(english:"Kerberos 5 < 1.3.5 Multiple Vulnerabilities");
script_summary(english:"Check for kerberos");
script_set_attribute(attribute:"synopsis", value:
"It may be possible to execute arbitrary code on the remote Kerberos
server.");
script_set_attribute(attribute:"description", value:
"The remote host is running Kerberos 5.
There are multiple flaws that affect this product. Make sure you are
running the latest version with the latest patches.
Note that Nessus could not check for any of the flaws and solely
relied on the presence of the service to issue an alert, so this might
be a false positive.");
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?34bb0fc8");
script_set_attribute(attribute:"solution", value:"Upgrade to Kerberos 5 (krb5) 1.3.5 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(119);
script_set_attribute(attribute:"vuln_publication_date", value:"2004/08/31");
script_set_attribute(attribute:"patch_publication_date", value:"2004/08/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2003/04/03");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.");
script_family(english:"Misc.");
script_require_keys("Settings/ParanoidReport");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
if (report_paranoia < 2) audit(AUDIT_PARANOID);
name = "whatever";
len = strlen(name);
#len = 1024;
if(len > 256)
{
len = raw_string(0x82, len / 256, len % 256);
#len = raw_string(0x84, 0x7F, 0xFF, 0xFF, 0xFF);
}
else len = raw_string(len % 256);
pk_lenE = 12 + strlen(name);
if(strlen(name) > 256)
pk_lenE = raw_string(0x82, pk_lenE / 256, pk_lenE % 256);
else
pk_lenE = raw_string( pk_lenE % 256);
pk_lenD = 186 + strlen(name);
if(strlen(name) > 256)pk_lenD += 14;
if(pk_lenD > 256)
pk_lenD = raw_string(0x82, pk_lenD / 256, pk_lenD % 256);
else
pk_lenD = raw_string(0x81, pk_lenD % 256);
pk_lenC = 183 + strlen(name);
if(strlen(name) > 256)pk_lenC += 12;
if(pk_lenC > 256)
pk_lenC = raw_string(0x82, pk_lenC / 256, pk_lenC % 256);
else
pk_lenC = raw_string(0x81, pk_lenC % 256);
pk_lenB = 170 + strlen(name);
if(strlen(name) > 256)pk_lenB += 10;
if(pk_lenB > 256)
pk_lenB = raw_string(0x82, pk_lenB / 256, pk_lenB % 256);
else
pk_lenB = raw_string(0x81, pk_lenB % 256);
pk_lenA = 167 + strlen(name);
if(strlen(name) > 256)pk_lenA += 8;
if(pk_lenA > 256)
pk_lenA = raw_string(0x82, pk_lenA / 256, pk_lenA % 256);
else
pk_lenA = raw_string(0x81, pk_lenA % 256);
pk_len0 = 11 + strlen(name);
if(strlen(name) > 256) pk_len0 += 6;
if(pk_len0 > 256)
{
pk_len0 = raw_string(0x82, pk_len0 / 256, pk_len0 % 256);
}
else pk_len0 = raw_string(pk_len0 % 256);
pk_len1 = 4 + strlen(name);
if(strlen(name) > 256) pk_len1 += 4;
if(pk_len1 > 256)
{
pk_len1 = raw_string(0x82, pk_len1 / 256, pk_len1 % 256);
}
else pk_len1 = raw_string(pk_len1 % 256);
pk_len2 = 2 + strlen(name);
if(strlen(name) > 256) pk_len2 += 2;
if(pk_len2 > 256)
{
pk_len2 = raw_string(0x82, pk_len2 / 256, pk_len2 % 256);
}
else pk_len2 = raw_string(pk_len2 % 256);
req = raw_string(
0x6A) + pk_lenD + raw_string(0x30)+ pk_lenC + raw_string(0xA1, 0x03,
0x02, 0x01, 0x05, 0xA2, 0x03,
0x02, 0x01, 0x0A, 0xA4) + pk_lenB + raw_string(0x30) + pk_lenA +
raw_string(
0xA0, 0x07, 0x03, 0x05, # ??
0x00, 0x00, 0x00, 0x00, 0x00, 0xA1)+ pk_lenE + raw_string(
0x30) + pk_len0 + raw_string(0xA0, 0x03,
0x02, 0x01, 0x01,
0xA1) + pk_len1 + raw_string( 0x30) + pk_len2 +
raw_string(0x1B) + len + name + raw_string(
0xA2, 0x0F, 0x1B, 0x0D,
0x46, 0x52, 0x2E, 0x4E, 0x45, 0x53, 0x53, 0x55,
0x53, 0x2E, 0x4F, 0x52, 0x47, 0xA3, 0x22, 0x30,
0x20, 0xA0, 0x03, 0x02, 0x01, 0x00, 0xA1, 0x19,
0x30, 0x17, 0x1B, 0x06, 0x6B, 0x72, 0x62, 0x74,
0x67, 0x74, 0x1B, 0x0D, 0x46, 0x52, 0x2E, 0x4E,
0x45, 0x53, 0x53, 0x55, 0x53, 0x2E, 0x4F, 0x52,
0x47, 0xA4, 0x11, 0x18, 0x0F, 0x32, 0x30, 0x30,
0x33, 0x30, 0x34, 0x30, 0x33, 0x31, 0x32, 0x35,
0x37, 0x33, 0x38, 0x5A, 0xA5, 0x11, 0x18, 0x0F,
0x32, 0x30, 0x30, 0x33, 0x30, 0x34, 0x30, 0x33,
0x32, 0x32, 0x35, 0x37, 0x33, 0x38, 0x5A, 0xA7,
0x06, 0x02, 0x04, 0x3E, 0x8c, 0x2f, 0xC2, 0xA8,
0x08, 0x30, 0x06, 0x02, 0x01, 0x10, 0x02, 0x01,
0x01, 0xA9, 0x20, 0x30, 0x1E, 0x30, 0x0D, 0xA0,
0x03, 0x02, 0x01, 0x02, 0xA1, 0x06, 0x04, 0x04,
0x0A, 0xA3, 0x9c, 0x12, 0x30, 0x0D, 0xA0, 0x03,
0x02, 0x01, 0x02, 0xA1, 0x06, 0x04, 0x04, 0x0A,
0xA3, 0x9F, 0x01);
foreach port (make_list(88, 750))
if (get_udp_port_state(port))
{
soc = open_sock_udp(port);
send(socket:soc, data:req);
r = recv(socket:soc, length:4096);
close(soc);
if(strlen(r) > 10 && ord(r[10]) == 5)
{
security_hole(port:port, proto:"udp");
}
}
{"id": "KERBEROS5_ISSUES.NASL", "bulletinFamily": "scanner", "title": "Kerberos 5 < 1.3.5 Multiple Vulnerabilities", "description": "The remote host is running Kerberos 5.\n\nThere are multiple flaws that affect this product. Make sure you are\nrunning the latest version with the latest patches.\n\nNote that Nessus could not check for any of the flaws and solely\nrelied on the presence of the service to issue an alert, so this might\nbe a false positive.", "published": "2003-04-03T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/11512", "reporter": "This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?34bb0fc8"], "cvelist": ["CVE-2004-0644", "CVE-2003-0082", "CVE-2003-0072", "CVE-2004-0643", "CVE-2004-0642", "CVE-2003-0059", "CVE-2003-0060", "CVE-2004-0772", "CVE-2003-0138", "CVE-2003-0139", "CVE-2002-0036"], "type": "nessus", "lastseen": "2021-01-01T03:19:47", "edition": 22, "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "redhat", "idList": ["RHSA-2004:448", "RHSA-2003:052", "RHSA-2004:350"]}, {"type": "nessus", "idList": ["FEDORA_2004-277.NASL", "MANDRAKE_MDKSA-2004-088.NASL", "MANDRAKE_MDKSA-2003-043.NASL", "DEBIAN_DSA-543.NASL", "GENTOO_GLSA-200409-09.NASL", "REDHAT-RHSA-2003-052.NASL", "REDHAT-RHSA-2004-350.NASL", "FEDORA_2004-276.NASL", "REDHAT-RHSA-2004-448.NASL", "DEBIAN_DSA-266.NASL"]}, {"type": "cve", "idList": ["CVE-2003-0082", "CVE-2004-0643", "CVE-2003-0139", "CVE-2003-0072", "CVE-2003-0059", "CVE-2003-0138", "CVE-2004-0644", "CVE-2002-0036", "CVE-2004-0642", "CVE-2003-0060"]}, {"type": "openvas", "idList": ["OPENVAS:53233", "OPENVAS:52401", "OPENVAS:53351", "OPENVAS:53339", "OPENVAS:52402", "OPENVAS:54666", "OPENVAS:53342", "OPENVAS:53337"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:6734", "SECURITYVULNS:DOC:6723", "SECURITYVULNS:DOC:6706", "SECURITYVULNS:DOC:6705"]}, {"type": "gentoo", "idList": ["GLSA-200409-09"]}, {"type": "debian", "idList": ["DEBIAN:DSA-273-1:CB48A", "DEBIAN:DSA-269-1:F107E", "DEBIAN:DSA-266-1:FD10A", "DEBIAN:DSA-543-1:86473", "DEBIAN:DSA-269-2:C9170"]}, {"type": "cisco", "idList": ["CISCO-SA-20040831-KRB5"]}, {"type": "freebsd", "idList": ["86A98B57-FB8E-11D8-9343-000A95BC6FAE", "BD60922B-FB8D-11D8-A13E-000A95BC6FAE"]}, {"type": "cert", "idList": ["VU:787523", "VU:442569", "VU:550464", "VU:587579", "VU:684563", "VU:350792", "VU:795632", "VU:866472", "VU:623217"]}, {"type": "osvdb", "idList": ["OSVDB:4868", "OSVDB:4879", "OSVDB:9407", "OSVDB:4869", "OSVDB:4896", "OSVDB:4902", "OSVDB:9406", "OSVDB:9408", "OSVDB:4887", "OSVDB:4901"]}], "modified": "2021-01-01T03:19:47", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2021-01-01T03:19:47", "rev": 2}, "vulnersScore": 6.8}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# This script simply attempts to log into the realm FR.NESSUS.ORG\n# with a username of \"whatever\". It does not check for any flaw (which\n# is bad), but that may change in the future.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(11512);\n script_version(\"1.26\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2002-0036\",\n \"CVE-2003-0059\",\n \"CVE-2003-0060\",\n \"CVE-2003-0072\",\n \"CVE-2003-0082\",\n \"CVE-2003-0138\",\n \"CVE-2003-0139\",\n \"CVE-2004-0642\",\n \"CVE-2004-0643\",\n \"CVE-2004-0644\",\n \"CVE-2004-0772\"\n);\n script_bugtraq_id(\n 6712,\n 6713,\n 6714,\n 7184,\n 7185,\n 11078,\n 11079\n);\n script_xref(name:\"RHSA\", value:\"2003:091-01\");\n\n script_name(english:\"Kerberos 5 < 1.3.5 Multiple Vulnerabilities\");\n script_summary(english:\"Check for kerberos\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It may be possible to execute arbitrary code on the remote Kerberos\nserver.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Kerberos 5.\n\nThere are multiple flaws that affect this product. Make sure you are\nrunning the latest version with the latest patches.\n\nNote that Nessus could not check for any of the flaws and solely\nrelied on the presence of the service to issue an alert, so this might\nbe a false positive.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34bb0fc8\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Kerberos 5 (krb5) 1.3.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2003/04/03\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Misc.\");\n\n script_require_keys(\"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n\nname = \"whatever\";\n\nlen = strlen(name);\n#len = 1024;\nif(len > 256)\n{\n len = raw_string(0x82, len / 256, len % 256);\n#len = raw_string(0x84, 0x7F, 0xFF, 0xFF, 0xFF);\n}\nelse len = raw_string(len % 256);\n\npk_lenE = 12 + strlen(name);\nif(strlen(name) > 256)\n pk_lenE = raw_string(0x82, pk_lenE / 256, pk_lenE % 256);\nelse\n pk_lenE = raw_string( pk_lenE % 256);\n\n\npk_lenD = 186 + strlen(name);\nif(strlen(name) > 256)pk_lenD += 14;\nif(pk_lenD > 256)\n pk_lenD = raw_string(0x82, pk_lenD / 256, pk_lenD % 256);\nelse\n pk_lenD = raw_string(0x81, pk_lenD % 256);\n\n\n\npk_lenC = 183 + strlen(name);\nif(strlen(name) > 256)pk_lenC += 12;\nif(pk_lenC > 256)\n pk_lenC = raw_string(0x82, pk_lenC / 256, pk_lenC % 256);\nelse\n pk_lenC = raw_string(0x81, pk_lenC % 256);\n\n\npk_lenB = 170 + strlen(name);\nif(strlen(name) > 256)pk_lenB += 10;\nif(pk_lenB > 256)\n pk_lenB = raw_string(0x82, pk_lenB / 256, pk_lenB % 256);\nelse\n pk_lenB = raw_string(0x81, pk_lenB % 256);\n\n\npk_lenA = 167 + strlen(name);\nif(strlen(name) > 256)pk_lenA += 8;\nif(pk_lenA > 256)\n pk_lenA = raw_string(0x82, pk_lenA / 256, pk_lenA % 256);\nelse\n pk_lenA = raw_string(0x81, pk_lenA % 256);\n\n\npk_len0 = 11 + strlen(name);\nif(strlen(name) > 256) pk_len0 += 6;\nif(pk_len0 > 256)\n{\n pk_len0 = raw_string(0x82, pk_len0 / 256, pk_len0 % 256);\n}\nelse pk_len0 = raw_string(pk_len0 % 256);\n\npk_len1 = 4 + strlen(name);\nif(strlen(name) > 256) pk_len1 += 4;\nif(pk_len1 > 256)\n{\n pk_len1 = raw_string(0x82, pk_len1 / 256, pk_len1 % 256);\n}\nelse pk_len1 = raw_string(pk_len1 % 256);\n\npk_len2 = 2 + strlen(name);\nif(strlen(name) > 256) pk_len2 += 2;\n\nif(pk_len2 > 256)\n{\n pk_len2 = raw_string(0x82, pk_len2 / 256, pk_len2 % 256);\n}\nelse pk_len2 = raw_string(pk_len2 % 256);\n\n\n\nreq = raw_string(\n\t\t 0x6A) + pk_lenD + raw_string(0x30)+ pk_lenC + raw_string(0xA1, 0x03,\n\t\t 0x02, 0x01, 0x05, 0xA2, 0x03,\n\t\t 0x02, 0x01, 0x0A, 0xA4) + pk_lenB + raw_string(0x30) + pk_lenA +\n\t\t raw_string(\n\t\t 0xA0, 0x07, 0x03, 0x05, # ??\n\t\t 0x00, 0x00, 0x00, 0x00, 0x00, 0xA1)+ pk_lenE + raw_string(\n\t\t 0x30) + pk_len0 + raw_string(0xA0, 0x03,\n\t\t 0x02, 0x01, 0x01,\n\t\t 0xA1) + pk_len1 + raw_string( 0x30) + pk_len2 +\n\t\t raw_string(0x1B) + len + name + raw_string(\n\t\t 0xA2, 0x0F, 0x1B, 0x0D,\n\t\t 0x46, 0x52, 0x2E, 0x4E, 0x45, 0x53, 0x53, 0x55,\n\t\t 0x53, 0x2E, 0x4F, 0x52, 0x47, 0xA3, 0x22, 0x30,\n\t\t 0x20, 0xA0, 0x03, 0x02, 0x01, 0x00, 0xA1, 0x19,\n\t\t 0x30, 0x17, 0x1B, 0x06, 0x6B, 0x72, 0x62, 0x74,\n\t\t 0x67, 0x74, 0x1B, 0x0D, 0x46, 0x52, 0x2E, 0x4E,\n\t\t 0x45, 0x53, 0x53, 0x55, 0x53, 0x2E, 0x4F, 0x52,\n\t\t 0x47, 0xA4, 0x11, 0x18, 0x0F, 0x32, 0x30, 0x30,\n\t\t 0x33, 0x30, 0x34, 0x30, 0x33, 0x31, 0x32, 0x35,\n\t\t 0x37, 0x33, 0x38, 0x5A, 0xA5, 0x11, 0x18, 0x0F,\n\t\t 0x32, 0x30, 0x30, 0x33, 0x30, 0x34, 0x30, 0x33,\n\t\t 0x32, 0x32, 0x35, 0x37, 0x33, 0x38, 0x5A, 0xA7,\n\t\t 0x06, 0x02, 0x04, 0x3E, 0x8c, 0x2f, 0xC2, 0xA8,\n\t\t 0x08, 0x30, 0x06, 0x02, 0x01, 0x10, 0x02, 0x01,\n\t\t 0x01, 0xA9, 0x20, 0x30, 0x1E, 0x30, 0x0D, 0xA0,\n\t\t 0x03, 0x02, 0x01, 0x02, 0xA1, 0x06, 0x04, 0x04,\n\t\t 0x0A, 0xA3, 0x9c, 0x12, 0x30, 0x0D, 0xA0, 0x03,\n\t\t 0x02, 0x01, 0x02, 0xA1, 0x06, 0x04, 0x04, 0x0A,\n\t\t 0xA3, 0x9F, 0x01);\n\n\nforeach port (make_list(88, 750))\nif (get_udp_port_state(port))\n{\n soc = open_sock_udp(port);\n send(socket:soc, data:req);\n r = recv(socket:soc, length:4096);\n close(soc);\n\n if(strlen(r) > 10 && ord(r[10]) == 5)\n {\n security_hole(port:port, proto:\"udp\");\n }\n}\n", "naslFamily": "Misc.", "pluginID": "11512", "cpe": [], "scheme": null}
{"redhat": [{"lastseen": "2019-12-11T13:31:10", "bulletinFamily": "unix", "cvelist": ["CVE-2002-0036", "CVE-2003-0028", "CVE-2003-0058", "CVE-2003-0059", "CVE-2003-0060", "CVE-2003-0072", "CVE-2003-0082", "CVE-2003-0138", "CVE-2003-0139", "CVE-2004-0772"], "description": "Kerberos is a network authentication system. The MIT Kerberos team\nreleased an advisory describing a number of vulnerabilities that affect the\nkerberos packages shipped by Red Hat.\n\nAn integer signedness error in the ASN.1 decoder before version 1.2.5\nallows remote attackers to cause a denial of service via a large unsigned\ndata element length, which is later used as a negative value. The Common\nVulnerabilities and Exposures project has assigned the name CAN-2002-0036\nto this issue. \n\nThe Key Distribution Center (KDC) before version 1.2.5 allows remote,\nauthenticated, attackers to cause a denial of service (crash) on KDCs\nwithin the same realm via a certain protocol request that:\n\n- causes a null pointer dereference (CAN-2003-0058).\n\n- causes the KDC to corrupt its heap (CAN-2003-0082).\n\nA vulnerability in Kerberos before version 1.2.3 allows users from\none realm to impersonate users in other realms that have the same\ninter-realm keys (CAN-2003-0059).\n\nThe MIT advisory for these issues also mentions format string\nvulnerabilities in the logging routines (CAN-2003-0060). Previous versions\nof the kerberos packages from Red Hat already contain fixes for this issue.\n\nVulnerabilities have been found in the implementation of support for\ntriple-DES keys in the implementation of the Kerberos IV authentication\nprotocol included in MIT Kerberos (CAN-2003-0139).\n\nVulnerabilities have been found in the Kerberos IV authentication protocol\nwhich allow an attacker with knowledge of a cross-realm key that is shared\nwith another realm to impersonate any principal in that realm to any\nservice in that realm. This vulnerability can only be closed by disabling\ncross-realm authentication in Kerberos IV (CAN-2003-0138).\n\nVulnerabilities have been found in the RPC library used by the kadmin\nservice in Kerberos 5. A faulty length check in the RPC library exposes\nkadmind to an integer overflow which can be used to crash kadmind\n(CAN-2003-0028).\n\nAll users of Kerberos are advised to upgrade to these errata packages,\nwhich disable cross-realm authentication by default for Kerberos IV and\nwhich contain backported patches to correct these issues.", "modified": "2018-03-14T19:25:29", "published": "2003-03-27T05:00:00", "id": "RHSA-2003:052", "href": "https://access.redhat.com/errata/RHSA-2003:052", "type": "redhat", "title": "(RHSA-2003:052) krb5 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:32", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0642", "CVE-2004-0643", "CVE-2004-0644", "CVE-2004-0772"], "description": "Kerberos is a networked authentication system that uses a trusted third\nparty (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and libraries. A\nremote attacker could potentially exploit these flaws to execuate arbitrary\ncode. The Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the names CAN-2004-0642 and CAN-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CAN-2004-0772),\nhowever this issue was fixed for Red Hat Enterprise Linux 2.1 users by a\nprevious erratum, RHSA-2003:052.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder library. A\nremote attacker may be able to trigger this flaw and cause a denial of\nservice. The Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the name CAN-2004-0644 to this issue.\n\nAll users of krb5 should upgrade to these updated packages, which contain\nbackported security patches to resolve these issues.", "modified": "2018-03-14T19:28:01", "published": "2004-08-31T04:00:00", "id": "RHSA-2004:448", "href": "https://access.redhat.com/errata/RHSA-2004:448", "type": "redhat", "title": "(RHSA-2004:448) krb5 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:38", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0642", "CVE-2004-0643", "CVE-2004-0644", "CVE-2004-0772"], "description": "Kerberos is a networked authentication system that uses a trusted third\nparty (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and libraries. A\nremote attacker could potentially exploit these flaws to execuate arbitrary\ncode. The Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the names CAN-2004-0642 and CAN-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CAN-2004-0772),\nhowever this issue does not affect Red Hat Enterprise Linux 3 Kerberos\npackages.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder library. A\nremote attacker may be able to trigger this flaw and cause a denial of\nservice. The Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the name CAN-2004-0644 to this issue.\n\nWhen attempting to contact a KDC, the Kerberos libraries will iterate\nthrough the list of configured servers, attempting to contact each in turn.\nIf one of the servers becomes unresponsive, the client will time out and\ncontact the next configured server. When the library attempts to contact\nthe next KDC, the entire process is repeated. For applications which must\ncontact a KDC several times, the accumulated time spent waiting can become\nsignificant.\n\nThis update modifies the libraries, notes which server for a given realm\nlast responded to a request, and attempts to contact that server first\nbefore contacting any of the other configured servers.\n\nAll users of krb5 should upgrade to these updated packages, which contain\nbackported security patches to resolve these issues.", "modified": "2017-07-29T20:28:42", "published": "2004-08-31T04:00:00", "id": "RHSA-2004:350", "href": "https://access.redhat.com/errata/RHSA-2004:350", "type": "redhat", "title": "(RHSA-2004:350) krb5 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-17T13:05:15", "description": "Updated kerberos packages fix a number of vulnerabilities found in MIT\nKerberos.\n\nKerberos is a network authentication system. The MIT Kerberos team\nreleased an advisory describing a number of vulnerabilities that\naffect the kerberos packages shipped by Red Hat.\n\nAn integer signedness error in the ASN.1 decoder before version 1.2.5\nallows remote attackers to cause a denial of service via a large\nunsigned data element length, which is later used as a negative value.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2002-0036 to this issue.\n\nThe Key Distribution Center (KDC) before version 1.2.5 allows remote,\nauthenticated, attackers to cause a denial of service (crash) on KDCs\nwithin the same realm via a certain protocol request that :\n\n - causes a NULL pointer dereference (CVE-2003-0058).\n\n - causes the KDC to corrupt its heap (CVE-2003-0082).\n\nA vulnerability in Kerberos before version 1.2.3 allows users from one\nrealm to impersonate users in other realms that have the same\ninter-realm keys (CVE-2003-0059).\n\nThe MIT advisory for these issues also mentions format string\nvulnerabilities in the logging routines (CVE-2003-0060). Previous\nversions of the kerberos packages from Red Hat already contain fixes\nfor this issue.\n\nVulnerabilities have been found in the implementation of support for\ntriple-DES keys in the implementation of the Kerberos IV\nauthentication protocol included in MIT Kerberos (CVE-2003-0139).\n\nVulnerabilities have been found in the Kerberos IV authentication\nprotocol which allow an attacker with knowledge of a cross-realm key\nthat is shared with another realm to impersonate any principal in that\nrealm to any service in that realm. This vulnerability can only be\nclosed by disabling cross-realm authentication in Kerberos IV\n(CVE-2003-0138).\n\nVulnerabilities have been found in the RPC library used by the kadmin\nservice in Kerberos 5. A faulty length check in the RPC library\nexposes kadmind to an integer overflow which can be used to crash\nkadmind (CVE-2003-0028).\n\nAll users of Kerberos are advised to upgrade to these errata packages,\nwhich disable cross-realm authentication by default for Kerberos IV\nand which contain backported patches to correct these issues.", "edition": 27, "published": "2004-07-06T00:00:00", "title": "RHEL 2.1 : krb5 (RHSA-2003:052)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0082", "CVE-2003-0072", "CVE-2003-0058", "CVE-2003-0059", "CVE-2003-0060", "CVE-2003-0028", "CVE-2004-0772", "CVE-2003-0138", "CVE-2003-0139", "CVE-2002-0036"], "modified": "2004-07-06T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:krb5-libs", "p-cpe:/a:redhat:enterprise_linux:krb5-devel", "p-cpe:/a:redhat:enterprise_linux:krb5-workstation", "p-cpe:/a:redhat:enterprise_linux:krb5-server"], "id": "REDHAT-RHSA-2003-052.NASL", "href": "https://www.tenable.com/plugins/nessus/12364", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2003:052. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(12364);\n script_version(\"1.33\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2002-0036\", \"CVE-2003-0028\", \"CVE-2003-0058\", \"CVE-2003-0059\", \"CVE-2003-0072\", \"CVE-2003-0082\", \"CVE-2003-0138\", \"CVE-2003-0139\", \"CVE-2004-0772\");\n script_xref(name:\"RHSA\", value:\"2003:052\");\n\n script_name(english:\"RHEL 2.1 : krb5 (RHSA-2003:052)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kerberos packages fix a number of vulnerabilities found in MIT\nKerberos.\n\nKerberos is a network authentication system. The MIT Kerberos team\nreleased an advisory describing a number of vulnerabilities that\naffect the kerberos packages shipped by Red Hat.\n\nAn integer signedness error in the ASN.1 decoder before version 1.2.5\nallows remote attackers to cause a denial of service via a large\nunsigned data element length, which is later used as a negative value.\nThe Common Vulnerabilities and Exposures project has assigned the name\nCVE-2002-0036 to this issue.\n\nThe Key Distribution Center (KDC) before version 1.2.5 allows remote,\nauthenticated, attackers to cause a denial of service (crash) on KDCs\nwithin the same realm via a certain protocol request that :\n\n - causes a NULL pointer dereference (CVE-2003-0058).\n\n - causes the KDC to corrupt its heap (CVE-2003-0082).\n\nA vulnerability in Kerberos before version 1.2.3 allows users from one\nrealm to impersonate users in other realms that have the same\ninter-realm keys (CVE-2003-0059).\n\nThe MIT advisory for these issues also mentions format string\nvulnerabilities in the logging routines (CVE-2003-0060). Previous\nversions of the kerberos packages from Red Hat already contain fixes\nfor this issue.\n\nVulnerabilities have been found in the implementation of support for\ntriple-DES keys in the implementation of the Kerberos IV\nauthentication protocol included in MIT Kerberos (CVE-2003-0139).\n\nVulnerabilities have been found in the Kerberos IV authentication\nprotocol which allow an attacker with knowledge of a cross-realm key\nthat is shared with another realm to impersonate any principal in that\nrealm to any service in that realm. This vulnerability can only be\nclosed by disabling cross-realm authentication in Kerberos IV\n(CVE-2003-0138).\n\nVulnerabilities have been found in the RPC library used by the kadmin\nservice in Kerberos 5. A faulty length check in the RPC library\nexposes kadmind to an integer overflow which can be used to crash\nkadmind (CVE-2003-0028).\n\nAll users of Kerberos are advised to upgrade to these errata packages,\nwhich disable cross-realm authentication by default for Kerberos IV\nand which contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-0036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0082\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0138\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt\"\n );\n # http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?49b852e4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-003-xdr.txt\"\n );\n # http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4ced782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2003:052\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2003:052\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"krb5-devel-1.2.2-24\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"krb5-libs-1.2.2-24\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"krb5-server-1.2.2-24\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"krb5-workstation-1.2.2-24\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:18", "description": "Multiple vulnerabilities have been found in the Kerberos network\nauthentication system. The MIT Kerberos team have released an advisory\ndetailing these vulnerabilities, a description of which follows.\n\nAn integer signedness error in the ASN.1 decoder before version 1.2.5\nallows remote attackers to cause a crash of the server via a large\nunsigned data element length, which is later used as a negative value\n(CVE-2002-0036). Mandrake Linux 9.0+ is not affected by this problem.\n\nVulnerabilities have been found in the RPC library used by the kadmin\nservice. A faulty length check in the RPC library exposes kadmind to\nan integer overflow which can be used to crash kadmind\n(CVE-2003-0028).\n\nThe KDC (Key Distribution Center) before version 1.2.5 allows remote,\nauthenticated attackers to cause a crash on KDCs within the same realm\nusing a certain protocol that causes a null dereference\n(CVE-2003-0058). Mandrake Linux 9.0+ is not affected by this problem.\n\nUsers from one realm can impersonate users in other realms that have\nthe same inter-realm keys due to a vulnerability in Kerberos 1.2.3 and\nearlier (CVE-2003-0059). Mandrake Linux 9.0+ is not affected by this\nproblem.\n\nThe KDC allows remote, authenticated users to cause a crash on KDCs\nwithin the same realm using a certain protocol request that causes an\nout-of-bounds read of an array (CVE-2003-0072).\n\nThe KDC allows remote, authenticated users to cause a crash on KDCs\nwithin the same realm using a certain protocol request that causes the\nKDC to corrupt its heap (CVE-2003-0082).\n\nVulnerabilities have been discovered in the Kerberos IV authentication\nprotocol which allow an attacker with knowledge of a cross-realm key,\nwhich is shared in another realm, to impersonate a principle in that\nrealm to any service in that realm. This vulnerability can only be\nclosed by disabling cross-realm authentication in Kerberos IV\n(CVE-2003-0138).\n\nVulnerabilities have been discovered in the support for triple-DES\nkeys in the Kerberos IV authentication protocol which is included in\nMIT Kerberos (CVE-2003-0139).\n\nMandrakeSoft encourages all users to upgrade to these updated packages\nimmediately which contain patches to correct all of the previously\nnoted vulnerabilities. These packages also disable Kerberos IV\ncross-realm authentication by default.\n\nUpdate :\n\nThe packages for Mandrake Linux 9.1 and 9.1/PPC were not GPG-signed.\nThis has been fixed and as a result the md5sums have changed. Thanks\nto Mark Lyda for pointing this out.", "edition": 18, "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : krb5 (MDKSA-2003:043-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0082", "CVE-2003-0072", "CVE-2003-0058", "CVE-2003-0059", "CVE-2003-0028", "CVE-2003-0138", "CVE-2003-0139", "CVE-2002-0036"], "modified": "2004-07-31T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:krb5-workstation", "cpe:/o:mandrakesoft:mandrake_linux:9.1", "p-cpe:/a:mandriva:linux:krb5-server", "p-cpe:/a:mandriva:linux:ftp-server-krb5", "p-cpe:/a:mandriva:linux:krb5-devel", "p-cpe:/a:mandriva:linux:ftp-client-krb5", "p-cpe:/a:mandriva:linux:telnet-client-krb5", "p-cpe:/a:mandriva:linux:telnet-server-krb5", "p-cpe:/a:mandriva:linux:krb5-libs"], "id": "MANDRAKE_MDKSA-2003-043.NASL", "href": "https://www.tenable.com/plugins/nessus/14027", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2003:043. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14027);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2002-0036\", \"CVE-2003-0028\", \"CVE-2003-0058\", \"CVE-2003-0059\", \"CVE-2003-0072\", \"CVE-2003-0082\", \"CVE-2003-0138\", \"CVE-2003-0139\");\n script_xref(name:\"MDKSA\", value:\"2003:043-1\");\n\n script_name(english:\"Mandrake Linux Security Advisory : krb5 (MDKSA-2003:043-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been found in the Kerberos network\nauthentication system. The MIT Kerberos team have released an advisory\ndetailing these vulnerabilities, a description of which follows.\n\nAn integer signedness error in the ASN.1 decoder before version 1.2.5\nallows remote attackers to cause a crash of the server via a large\nunsigned data element length, which is later used as a negative value\n(CVE-2002-0036). Mandrake Linux 9.0+ is not affected by this problem.\n\nVulnerabilities have been found in the RPC library used by the kadmin\nservice. A faulty length check in the RPC library exposes kadmind to\nan integer overflow which can be used to crash kadmind\n(CVE-2003-0028).\n\nThe KDC (Key Distribution Center) before version 1.2.5 allows remote,\nauthenticated attackers to cause a crash on KDCs within the same realm\nusing a certain protocol that causes a null dereference\n(CVE-2003-0058). Mandrake Linux 9.0+ is not affected by this problem.\n\nUsers from one realm can impersonate users in other realms that have\nthe same inter-realm keys due to a vulnerability in Kerberos 1.2.3 and\nearlier (CVE-2003-0059). Mandrake Linux 9.0+ is not affected by this\nproblem.\n\nThe KDC allows remote, authenticated users to cause a crash on KDCs\nwithin the same realm using a certain protocol request that causes an\nout-of-bounds read of an array (CVE-2003-0072).\n\nThe KDC allows remote, authenticated users to cause a crash on KDCs\nwithin the same realm using a certain protocol request that causes the\nKDC to corrupt its heap (CVE-2003-0082).\n\nVulnerabilities have been discovered in the Kerberos IV authentication\nprotocol which allow an attacker with knowledge of a cross-realm key,\nwhich is shared in another realm, to impersonate a principle in that\nrealm to any service in that realm. This vulnerability can only be\nclosed by disabling cross-realm authentication in Kerberos IV\n(CVE-2003-0138).\n\nVulnerabilities have been discovered in the support for triple-DES\nkeys in the Kerberos IV authentication protocol which is included in\nMIT Kerberos (CVE-2003-0139).\n\nMandrakeSoft encourages all users to upgrade to these updated packages\nimmediately which contain patches to correct all of the previously\nnoted vulnerabilities. These packages also disable Kerberos IV\ncross-realm authentication by default.\n\nUpdate :\n\nThe packages for Mandrake Linux 9.1 and 9.1/PPC were not GPG-signed.\nThis has been fixed and as a result the md5sums have changed. Thanks\nto Mark Lyda for pointing this out.\"\n );\n # http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4ced782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-003-xdr.txt\"\n );\n # http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?49b852e4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ftp-client-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ftp-server-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:telnet-client-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:telnet-server-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"ftp-client-krb5-1.2.7-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"ftp-server-krb5-1.2.7-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"krb5-devel-1.2.7-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"krb5-libs-1.2.7-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"krb5-server-1.2.7-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"krb5-workstation-1.2.7-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"telnet-client-krb5-1.2.7-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"telnet-server-krb5-1.2.7-1.1mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:42", "description": "Kerberos is a networked authentication system which uses a trusted\nthird-party (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and\nlibraries. A remote attacker could potentially exploit these flaws to\nexecute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the names CVE-2004-0642 and\nCVE-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CVE-2004-0772),\nhowever this issue does not affect Fedora Core.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder\nlibrary. A remote attacker may be able to trigger this flaw and cause\na denial of service. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2004-08-31T00:00:00", "title": "Fedora Core 1 : krb5-1.3.4-5 (2004-276)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "modified": "2004-08-31T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:krb5-debuginfo", "p-cpe:/a:fedoraproject:fedora:krb5-server", "cpe:/o:fedoraproject:fedora_core:1", "p-cpe:/a:fedoraproject:fedora:krb5-workstation", "p-cpe:/a:fedoraproject:fedora:krb5-libs", "p-cpe:/a:fedoraproject:fedora:krb5-devel"], "id": "FEDORA_2004-276.NASL", "href": "https://www.tenable.com/plugins/nessus/14592", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-276.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14592);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\");\n script_xref(name:\"FEDORA\", value:\"2004-276\");\n\n script_name(english:\"Fedora Core 1 : krb5-1.3.4-5 (2004-276)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Kerberos is a networked authentication system which uses a trusted\nthird-party (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and\nlibraries. A remote attacker could potentially exploit these flaws to\nexecute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the names CVE-2004-0642 and\nCVE-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CVE-2004-0772),\nhowever this issue does not affect Fedora Core.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder\nlibrary. A remote attacker may be able to trigger this flaw and cause\na denial of service. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-August/000272.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fb8d8599\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 1.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC1\", reference:\"krb5-debuginfo-1.3.4-5\")) flag++;\nif (rpm_check(release:\"FC1\", reference:\"krb5-devel-1.3.4-5\")) flag++;\nif (rpm_check(release:\"FC1\", reference:\"krb5-libs-1.3.4-5\")) flag++;\nif (rpm_check(release:\"FC1\", reference:\"krb5-server-1.3.4-5\")) flag++;\nif (rpm_check(release:\"FC1\", reference:\"krb5-workstation-1.3.4-5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-server / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T10:02:57", "description": "The MIT Kerberos Development Team has discovered a number of\nvulnerabilities in the MIT Kerberos Version 5 software. The Common\nVulnerabilities and Exposures project identifies the following\nvulnerabilities :\n\n - CAN-2004-0642 [VU#795632]\n A double-free error may allow unauthenticated remote\n attackers to execute arbitrary code on KDC or clients.\n\n - CAN-2004-0643 [VU#866472]\n\n Several double-free errors may allow authenticated\n attackers to execute arbitrary code on Kerberos\n application servers.\n\n - CAN-2004-0644 [VU#550464]\n\n A remotely exploitable denial of service vulnerability\n has been found in the KDC and libraries.\n\n - CAN-2004-0772 [VU#350792]\n\n Several double-free errors may allow remote attackers to\n execute arbitrary code on the server. This does not\n affect the version in woody.", "edition": 25, "published": "2004-09-29T00:00:00", "title": "Debian DSA-543-1 : krb5 - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "modified": "2004-09-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:krb5"], "id": "DEBIAN_DSA-543.NASL", "href": "https://www.tenable.com/plugins/nessus/15380", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-543. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15380);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\", \"CVE-2004-0644\", \"CVE-2004-0772\");\n script_xref(name:\"CERT\", value:\"350792\");\n script_xref(name:\"CERT\", value:\"550464\");\n script_xref(name:\"CERT\", value:\"795632\");\n script_xref(name:\"CERT\", value:\"866472\");\n script_xref(name:\"DSA\", value:\"543\");\n\n script_name(english:\"Debian DSA-543-1 : krb5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The MIT Kerberos Development Team has discovered a number of\nvulnerabilities in the MIT Kerberos Version 5 software. The Common\nVulnerabilities and Exposures project identifies the following\nvulnerabilities :\n\n - CAN-2004-0642 [VU#795632]\n A double-free error may allow unauthenticated remote\n attackers to execute arbitrary code on KDC or clients.\n\n - CAN-2004-0643 [VU#866472]\n\n Several double-free errors may allow authenticated\n attackers to execute arbitrary code on Kerberos\n application servers.\n\n - CAN-2004-0644 [VU#550464]\n\n A remotely exploitable denial of service vulnerability\n has been found in the KDC and libraries.\n\n - CAN-2004-0772 [VU#350792]\n\n Several double-free errors may allow remote attackers to\n execute arbitrary code on the server. This does not\n affect the version in woody.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-543\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the krb5 packages.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 1.2.4-5woody6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"krb5-admin-server\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-clients\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-doc\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-ftpd\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-kdc\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-rsh-server\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-telnetd\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-user\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkadm55\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkrb5-dev\", reference:\"1.2.4-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkrb53\", reference:\"1.2.4-5woody6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:51:51", "description": "The remote host is affected by the vulnerability described in GLSA-200409-09\n(MIT krb5: Multiple vulnerabilities)\n\n The implementation of the Key Distribution Center (KDC) and the MIT krb5\n library contain double-free vulnerabilities, making client programs as well\n as application servers vulnerable.\n The ASN.1 decoder library is vulnerable to a denial of service attack,\n including the KDC.\n \nImpact :\n\n The double-free vulnerabilities could allow an attacker to execute\n arbitrary code on a KDC host and hosts running krb524d or vulnerable\n services. In the case of a KDC host, this can lead to a compromise of the\n entire Kerberos realm. Furthermore, an attacker impersonating a legitimate\n KDC or application server can potentially execute arbitrary code on\n authenticating clients.\n An attacker can cause a denial of service for a KDC or application server\n and clients, the latter if impersonating a legitimate KDC or application\n server.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2004-09-06T00:00:00", "title": "GLSA-200409-09 : MIT krb5: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "modified": "2004-09-06T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:mit-krb5"], "id": "GENTOO_GLSA-200409-09.NASL", "href": "https://www.tenable.com/plugins/nessus/14666", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200409-09.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14666);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\", \"CVE-2004-0644\", \"CVE-2004-0772\");\n script_xref(name:\"GLSA\", value:\"200409-09\");\n\n script_name(english:\"GLSA-200409-09 : MIT krb5: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200409-09\n(MIT krb5: Multiple vulnerabilities)\n\n The implementation of the Key Distribution Center (KDC) and the MIT krb5\n library contain double-free vulnerabilities, making client programs as well\n as application servers vulnerable.\n The ASN.1 decoder library is vulnerable to a denial of service attack,\n including the KDC.\n \nImpact :\n\n The double-free vulnerabilities could allow an attacker to execute\n arbitrary code on a KDC host and hosts running krb524d or vulnerable\n services. In the case of a KDC host, this can lead to a compromise of the\n entire Kerberos realm. Furthermore, an attacker impersonating a legitimate\n KDC or application server can potentially execute arbitrary code on\n authenticating clients.\n An attacker can cause a denial of service for a KDC or application server\n and clients, the latter if impersonating a legitimate KDC or application\n server.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?34bb0fc8\"\n );\n # http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4d0e4d09\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200409-09\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All mit-krb5 users should upgrade to the latest stable version:\n # emerge sync\n # emerge -pv '>=app-crypt/mit-krb5-1.3.4'\n # emerge '>=app-crypt/mit-krb5-1.3.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mit-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/06\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-crypt/mit-krb5\", unaffected:make_list(\"ge 1.3.4\"), vulnerable:make_list(\"lt 1.3.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MIT krb5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:22", "description": "A double-free vulnerability exists in the MIT Kerberos 5's KDC program\nthat could potentially allow a remote attacker to execute arbitrary\ncode on the KDC host. As well, multiple double-free vulnerabilities\nexist in the krb5 library code, which makes client programs and\napplication servers vulnerable. The MIT Kerberos 5 development team\nbelieves that exploitation of these bugs would be difficult and no\nknown vulnerabilities are believed to exist. The vulnerability in\nkrb524d was discovered by Marc Horowitz; the other double-free\nvulnerabilities were discovered by Will Fiveash and Nico Williams at\nSun.\n\nWill Fiveash and Nico Williams also found another vulnerability in the\nASN.1 decoder library. This makes krb5 vulnerable to a DoS (Denial of\nService) attack causing an infinite loop in the decoder. The KDC is\nvulnerable to this attack.\n\nThe MIT Kerberos 5 team has provided patches which have been applied\nto the updated software to fix these issues. Mandrakesoft encourages\nall users to upgrade immediately.", "edition": 25, "published": "2004-09-07T00:00:00", "title": "Mandrake Linux Security Advisory : krb5 (MDKSA-2004:088)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "modified": "2004-09-07T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:krb5-workstation", "cpe:/o:mandrakesoft:mandrake_linux:9.1", "p-cpe:/a:mandriva:linux:krb5-server", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:libkrb51-devel", "p-cpe:/a:mandriva:linux:ftp-server-krb5", "cpe:/o:mandrakesoft:mandrake_linux:9.2", "p-cpe:/a:mandriva:linux:krb5-devel", "p-cpe:/a:mandriva:linux:ftp-client-krb5", "p-cpe:/a:mandriva:linux:lib64krb51", "p-cpe:/a:mandriva:linux:telnet-client-krb5", "p-cpe:/a:mandriva:linux:telnet-server-krb5", "p-cpe:/a:mandriva:linux:libkrb51", "p-cpe:/a:mandriva:linux:krb5-libs", "p-cpe:/a:mandriva:linux:lib64krb51-devel"], "id": "MANDRAKE_MDKSA-2004-088.NASL", "href": "https://www.tenable.com/plugins/nessus/14673", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:088. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14673);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\", \"CVE-2004-0644\", \"CVE-2004-0772\");\n script_xref(name:\"CERT\", value:\"350792\");\n script_xref(name:\"CERT\", value:\"550464\");\n script_xref(name:\"CERT\", value:\"795632\");\n script_xref(name:\"CERT\", value:\"866472\");\n script_xref(name:\"MDKSA\", value:\"2004:088\");\n\n script_name(english:\"Mandrake Linux Security Advisory : krb5 (MDKSA-2004:088)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A double-free vulnerability exists in the MIT Kerberos 5's KDC program\nthat could potentially allow a remote attacker to execute arbitrary\ncode on the KDC host. As well, multiple double-free vulnerabilities\nexist in the krb5 library code, which makes client programs and\napplication servers vulnerable. The MIT Kerberos 5 development team\nbelieves that exploitation of these bugs would be difficult and no\nknown vulnerabilities are believed to exist. The vulnerability in\nkrb524d was discovered by Marc Horowitz; the other double-free\nvulnerabilities were discovered by Will Fiveash and Nico Williams at\nSun.\n\nWill Fiveash and Nico Williams also found another vulnerability in the\nASN.1 decoder library. This makes krb5 vulnerable to a DoS (Denial of\nService) attack causing an infinite loop in the decoder. The KDC is\nvulnerable to this attack.\n\nThe MIT Kerberos 5 team has provided patches which have been applied\nto the updated software to fix these issues. Mandrakesoft encourages\nall users to upgrade immediately.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ftp-client-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ftp-server-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krb51\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krb51-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkrb51\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkrb51-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:telnet-client-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:telnet-server-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"ftp-client-krb5-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"ftp-server-krb5-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"krb5-server-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"krb5-workstation-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64krb51-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64krb51-devel-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkrb51-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkrb51-devel-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"telnet-client-krb5-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"telnet-server-krb5-1.3-6.3.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"ftp-client-krb5-1.2.7-1.4.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"ftp-server-krb5-1.2.7-1.4.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"krb5-devel-1.2.7-1.4.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"krb5-libs-1.2.7-1.4.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"krb5-server-1.2.7-1.4.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"krb5-workstation-1.2.7-1.4.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"telnet-client-krb5-1.2.7-1.4.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"telnet-server-krb5-1.2.7-1.4.91mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", reference:\"ftp-client-krb5-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"ftp-server-krb5-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"krb5-server-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"krb5-workstation-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64krb51-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64krb51-devel-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkrb51-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libkrb51-devel-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"telnet-client-krb5-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"telnet-server-krb5-1.3-3.3.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:42", "description": "Kerberos is a networked authentication system which uses a trusted\nthird-party (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and\nlibraries. A remote attacker could potentially exploit these flaws to\nexecute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the names CVE-2004-0642 and\nCVE-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CVE-2004-0772),\nhowever this issue does not affect Fedora Core.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder\nlibrary. A remote attacker may be able to trigger this flaw and cause\na denial of service. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2004-08-31T00:00:00", "title": "Fedora Core 2 : krb5-1.3.4-6 (2004-277)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "modified": "2004-08-31T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:2", "p-cpe:/a:fedoraproject:fedora:krb5-debuginfo", "p-cpe:/a:fedoraproject:fedora:krb5-server", "p-cpe:/a:fedoraproject:fedora:krb5-workstation", "p-cpe:/a:fedoraproject:fedora:krb5-libs", "p-cpe:/a:fedoraproject:fedora:krb5-devel"], "id": "FEDORA_2004-277.NASL", "href": "https://www.tenable.com/plugins/nessus/14593", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-277.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14593);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\");\n script_xref(name:\"FEDORA\", value:\"2004-277\");\n\n script_name(english:\"Fedora Core 2 : krb5-1.3.4-6 (2004-277)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Kerberos is a networked authentication system which uses a trusted\nthird-party (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and\nlibraries. A remote attacker could potentially exploit these flaws to\nexecute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the names CVE-2004-0642 and\nCVE-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CVE-2004-0772),\nhowever this issue does not affect Fedora Core.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder\nlibrary. A remote attacker may be able to trigger this flaw and cause\na denial of service. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-August/000273.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?15b57fbe\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"krb5-debuginfo-1.3.4-6\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"krb5-devel-1.3.4-6\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"krb5-libs-1.3.4-6\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"krb5-server-1.3.4-6\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"krb5-workstation-1.3.4-6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-server / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:19", "description": "Updated krb5 packages that improve client responsiveness and fix\nseveral security issues are now available for Red Hat Enterprise Linux\n3.\n\nKerberos is a networked authentication system that uses a trusted\nthird party (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and\nlibraries. A remote attacker could potentially exploit these flaws to\nexecute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the names CVE-2004-0642 and\nCVE-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CVE-2004-0772),\nhowever this issue does not affect Red Hat Enterprise Linux 3 Kerberos\npackages.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder\nlibrary. A remote attacker may be able to trigger this flaw and cause\na denial of service. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.\n\nWhen attempting to contact a KDC, the Kerberos libraries will iterate\nthrough the list of configured servers, attempting to contact each in\nturn. If one of the servers becomes unresponsive, the client will time\nout and contact the next configured server. When the library attempts\nto contact the next KDC, the entire process is repeated. For\napplications which must contact a KDC several times, the accumulated\ntime spent waiting can become significant.\n\nThis update modifies the libraries, notes which server for a given\nrealm last responded to a request, and attempts to contact that server\nfirst before contacting any of the other configured servers.\n\nAll users of krb5 should upgrade to these updated packages, which\ncontain backported security patches to resolve these issues.", "edition": 27, "published": "2004-09-01T00:00:00", "title": "RHEL 3 : krb5 (RHSA-2004:350)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "modified": "2004-09-01T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "p-cpe:/a:redhat:enterprise_linux:krb5-libs", "p-cpe:/a:redhat:enterprise_linux:krb5-devel", "p-cpe:/a:redhat:enterprise_linux:krb5-workstation", "p-cpe:/a:redhat:enterprise_linux:krb5-server"], "id": "REDHAT-RHSA-2004-350.NASL", "href": "https://www.tenable.com/plugins/nessus/14595", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:350. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14595);\n script_version(\"1.32\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\", \"CVE-2004-0644\", \"CVE-2004-0772\");\n script_xref(name:\"RHSA\", value:\"2004:350\");\n\n script_name(english:\"RHEL 3 : krb5 (RHSA-2004:350)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated krb5 packages that improve client responsiveness and fix\nseveral security issues are now available for Red Hat Enterprise Linux\n3.\n\nKerberos is a networked authentication system that uses a trusted\nthird party (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and\nlibraries. A remote attacker could potentially exploit these flaws to\nexecute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the names CVE-2004-0642 and\nCVE-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CVE-2004-0772),\nhowever this issue does not affect Red Hat Enterprise Linux 3 Kerberos\npackages.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder\nlibrary. A remote attacker may be able to trigger this flaw and cause\na denial of service. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.\n\nWhen attempting to contact a KDC, the Kerberos libraries will iterate\nthrough the list of configured servers, attempting to contact each in\nturn. If one of the servers becomes unresponsive, the client will time\nout and contact the next configured server. When the library attempts\nto contact the next KDC, the entire process is repeated. For\napplications which must contact a KDC several times, the accumulated\ntime spent waiting can become significant.\n\nThis update modifies the libraries, notes which server for a given\nrealm last responded to a request, and attempts to contact that server\nfirst before contacting any of the other configured servers.\n\nAll users of krb5 should upgrade to these updated packages, which\ncontain backported security patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/advisories/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:350\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:350\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"krb5-devel-1.2.7-28\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"krb5-libs-1.2.7-28\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"krb5-server-1.2.7-28\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"krb5-workstation-1.2.7-28\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:20", "description": "Updated Kerberos (krb5) packages that correct double-free and ASN.1\nparsing bugs are now available for Red Hat Enterprise Linux.\n\nKerberos is a networked authentication system that uses a trusted\nthird party (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and\nlibraries. A remote attacker could potentially exploit these flaws to\nexecute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the names CVE-2004-0642 and\nCVE-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CVE-2004-0772),\nhowever this issue was fixed for Red Hat Enterprise Linux 2.1 users by\na previous erratum, RHSA-2003:052.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder\nlibrary. A remote attacker may be able to trigger this flaw and cause\na denial of service. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.\n\nAll users of krb5 should upgrade to these updated packages, which\ncontain backported security patches to resolve these issues.", "edition": 26, "published": "2004-09-01T00:00:00", "title": "RHEL 2.1 : krb5 (RHSA-2004:448)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "modified": "2004-09-01T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:krb5-libs", "p-cpe:/a:redhat:enterprise_linux:krb5-devel", "p-cpe:/a:redhat:enterprise_linux:krb5-workstation", "p-cpe:/a:redhat:enterprise_linux:krb5-server"], "id": "REDHAT-RHSA-2004-448.NASL", "href": "https://www.tenable.com/plugins/nessus/14596", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:448. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14596);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\", \"CVE-2004-0644\");\n script_xref(name:\"RHSA\", value:\"2004:448\");\n\n script_name(english:\"RHEL 2.1 : krb5 (RHSA-2004:448)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Kerberos (krb5) packages that correct double-free and ASN.1\nparsing bugs are now available for Red Hat Enterprise Linux.\n\nKerberos is a networked authentication system that uses a trusted\nthird party (a KDC) to authenticate clients and servers to each other.\n\nSeveral double-free bugs were found in the Kerberos 5 KDC and\nlibraries. A remote attacker could potentially exploit these flaws to\nexecute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the names CVE-2004-0642 and\nCVE-2004-0643 to these issues.\n\nA double-free bug was also found in the krb524 server (CVE-2004-0772),\nhowever this issue was fixed for Red Hat Enterprise Linux 2.1 users by\na previous erratum, RHSA-2003:052.\n\nAn infinite loop bug was found in the Kerberos 5 ASN.1 decoder\nlibrary. A remote attacker may be able to trigger this flaw and cause\na denial of service. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.\n\nAll users of krb5 should upgrade to these updated packages, which\ncontain backported security patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/advisories/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:448\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:448\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"krb5-devel-1.2.2-31\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"krb5-libs-1.2.2-31\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"krb5-server-1.2.2-31\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"krb5-workstation-1.2.2-31\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:47:44", "description": "Several vulnerabilities have been discovered in krb5, an\nimplementation of MIT Kerberos.\n\n - A cryptographic weakness in version 4 of the Kerberos\n protocol allows an attacker to use a chosen-plaintext\n attack to impersonate any principal in a realm.\n Additional cryptographic weaknesses in the krb4\n implementation included in the MIT krb5 distribution\n permit the use of cut-and-paste attacks to fabricate\n krb4 tickets for unauthorized client principals if\n triple-DES keys are used to key krb4 services. These\n attacks can subvert a site's entire Kerberos\n authentication infrastructure.\n Kerberos version 5 does not contain this cryptographic\n vulnerability. Sites are not vulnerable if they have\n Kerberos v4 completely disabled, including the disabling\n of any krb5 to krb4 translation services.\n\n - The MIT Kerberos 5 implementation includes an RPC\n library derived from SUNRPC. The implementation contains\n length checks, that are vulnerable to an integer\n overflow, which may be exploitable to create denials of\n service or to gain unauthorized access to sensitive\n information.\n - Buffer overrun and underrun problems exist in Kerberos\n principal name handling in unusual cases, such as names\n with zero components, names with one empty component, or\n host-based service principal names with no host name\n component.\n\nThis version of the krb5 package changes the default behavior and\ndisallows cross-realm authentication for Kerberos version 4. Because\nof the fundamental nature of the problem, cross-realm authentication\nin Kerberos version 4 cannot be made secure and sites should avoid its\nuse. A new option (-X) is provided to the krb5kdc and krb524d commands\nto re-enable version 4 cross-realm authentication for those sites that\nmust use this functionality but desire the other security fixes.", "edition": 26, "published": "2004-09-29T00:00:00", "title": "Debian DSA-266-1 : krb5 - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0082", "CVE-2003-0072", "CVE-2003-0028", "CVE-2003-0138", "CVE-2003-0139"], "modified": "2004-09-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:krb5"], "id": "DEBIAN_DSA-266.NASL", "href": "https://www.tenable.com/plugins/nessus/15103", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-266. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15103);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2003-0028\", \"CVE-2003-0072\", \"CVE-2003-0082\", \"CVE-2003-0138\", \"CVE-2003-0139\");\n script_xref(name:\"CERT\", value:\"442569\");\n script_xref(name:\"CERT\", value:\"516825\");\n script_xref(name:\"CERT\", value:\"623217\");\n script_xref(name:\"DSA\", value:\"266\");\n\n script_name(english:\"Debian DSA-266-1 : krb5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in krb5, an\nimplementation of MIT Kerberos.\n\n - A cryptographic weakness in version 4 of the Kerberos\n protocol allows an attacker to use a chosen-plaintext\n attack to impersonate any principal in a realm.\n Additional cryptographic weaknesses in the krb4\n implementation included in the MIT krb5 distribution\n permit the use of cut-and-paste attacks to fabricate\n krb4 tickets for unauthorized client principals if\n triple-DES keys are used to key krb4 services. These\n attacks can subvert a site's entire Kerberos\n authentication infrastructure.\n Kerberos version 5 does not contain this cryptographic\n vulnerability. Sites are not vulnerable if they have\n Kerberos v4 completely disabled, including the disabling\n of any krb5 to krb4 translation services.\n\n - The MIT Kerberos 5 implementation includes an RPC\n library derived from SUNRPC. The implementation contains\n length checks, that are vulnerable to an integer\n overflow, which may be exploitable to create denials of\n service or to gain unauthorized access to sensitive\n information.\n - Buffer overrun and underrun problems exist in Kerberos\n principal name handling in unusual cases, such as names\n with zero components, names with one empty component, or\n host-based service principal names with no host name\n component.\n\nThis version of the krb5 package changes the default behavior and\ndisallows cross-realm authentication for Kerberos version 4. Because\nof the fundamental nature of the problem, cross-realm authentication\nin Kerberos version 4 cannot be made secure and sites should avoid its\nuse. A new option (-X) is provided to the krb5kdc and krb524d commands\nto re-enable version 4 cross-realm authentication for those sites that\nmust use this functionality but desire the other security fixes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-266\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the krb5 package.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.2.4-5woody4.\n\nThe old stable distribution (potato) does not contain krb5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/03/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"krb5-admin-server\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-clients\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-doc\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-ftpd\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-kdc\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-rsh-server\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-telnetd\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"krb5-user\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkadm55\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkrb5-dev\", reference:\"1.2.4-5woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkrb53\", reference:\"1.2.4-5woody4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2020-10-03T11:36:59", "description": "Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.", "edition": 4, "cvss3": {}, "published": "2003-02-19T05:00:00", "title": "CVE-2002-0036", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2002-0036"], "modified": "2020-01-21T15:44:00", "cpe": ["cpe:/a:mit:kerberos_5:1.2.2", "cpe:/a:mit:kerberos_5:1.2.4", "cpe:/a:mit:kerberos_5:1.2.1", "cpe:/a:mit:kerberos_5:1.2.3"], "id": "CVE-2002-0036", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0036", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:02", "description": "Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and \"ticket splicing.\"", "edition": 3, "cvss3": {}, "published": "2003-03-24T05:00:00", "title": "CVE-2003-0139", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0139"], "modified": "2018-10-19T15:29:00", "cpe": ["cpe:/a:mit:kerberos:4"], "id": "CVE-2003-0139", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0139", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos:4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:02", "description": "Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.", "edition": 3, "cvss3": {}, "published": "2003-03-24T05:00:00", "title": "CVE-2003-0138", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0138"], "modified": "2018-10-19T15:29:00", "cpe": ["cpe:/a:mit:kerberos:4"], "id": "CVE-2003-0138", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0138", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos:4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:39", "description": "The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.", "edition": 4, "cvss3": {}, "published": "2004-09-28T04:00:00", "title": "CVE-2004-0644", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0644"], "modified": "2020-01-21T15:45:00", "cpe": ["cpe:/a:mit:kerberos_5:1.3", "cpe:/a:mit:kerberos_5:1.2.8", "cpe:/a:mit:kerberos_5:1.3.2", "cpe:/a:mit:kerberos_5:1.2.2", "cpe:/a:mit:kerberos_5:1.3.3", "cpe:/a:mit:kerberos_5:1.2.4", "cpe:/a:mit:kerberos_5:1.3.4", "cpe:/a:mit:kerberos_5:1.2.5", "cpe:/a:mit:kerberos_5:1.2.7", "cpe:/a:mit:kerberos_5:1.2.6", "cpe:/a:mit:kerberos_5:1.3.1", "cpe:/a:mit:kerberos_5:1.2.3"], "id": "CVE-2004-0644", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0644", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:01", "description": "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka \"array overrun\").", "edition": 4, "cvss3": {}, "published": "2003-04-02T05:00:00", "title": "CVE-2003-0072", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0072"], "modified": "2020-01-21T15:47:00", "cpe": ["cpe:/a:mit:kerberos_5:1.3", "cpe:/a:mit:kerberos_5:1.2.2", "cpe:/a:mit:kerberos_5:1.1", "cpe:/a:mit:kerberos_5:1.2.4", "cpe:/a:mit:kerberos_5:1.2.5", "cpe:/a:mit:kerberos_5:1.2.1", "cpe:/a:mit:kerberos_5:1.2.7", "cpe:/a:mit:kerberos_5:1.2.6", "cpe:/a:mit:kerberos_5:1.1.1", "cpe:/a:mit:kerberos_5:1.2", "cpe:/a:mit:kerberos:1.2.2.beta1", "cpe:/a:mit:kerberos_5:1.0.6", "cpe:/a:mit:kerberos_5:1.2.3", "cpe:/a:mit:kerberos:1.0"], "id": "CVE-2003-0072", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0072", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:01", "description": "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka \"buffer underrun\").", "edition": 4, "cvss3": {}, "published": "2003-04-02T05:00:00", "title": "CVE-2003-0082", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0082"], "modified": "2020-01-21T15:47:00", "cpe": ["cpe:/a:mit:kerberos_5:1.3", "cpe:/a:mit:kerberos_5:1.2.2", "cpe:/a:mit:kerberos_5:1.1", "cpe:/a:mit:kerberos_5:1.2.4", "cpe:/a:mit:kerberos_5:1.2.5", "cpe:/a:mit:kerberos_5:1.2.1", "cpe:/a:mit:kerberos_5:1.2.7", "cpe:/a:mit:kerberos_5:1.2.6", "cpe:/a:mit:kerberos_5:1.1.1", "cpe:/a:mit:kerberos_5:1.2", "cpe:/a:mit:kerberos:1.2.2.beta1", "cpe:/a:mit:kerberos_5:1.0.6", "cpe:/a:mit:kerberos_5:1.2.3", "cpe:/a:mit:kerberos:1.0"], "id": "CVE-2003-0082", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0082", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:21:32", "description": "Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.", "edition": 5, "cvss3": {}, "published": "2004-09-28T04:00:00", "title": "CVE-2004-0643", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0643"], "modified": "2017-10-11T01:29:00", "cpe": ["cpe:/a:mit:kerberos:5-1.3.1"], "id": "CVE-2004-0643", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0643", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos:5-1.3.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:01", "description": "Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.", "edition": 4, "cvss3": {}, "published": "2003-02-19T05:00:00", "title": "CVE-2003-0059", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0059"], "modified": "2020-01-21T15:44:00", "cpe": ["cpe:/a:mit:kerberos_5:1.2.2", "cpe:/a:mit:kerberos_5:1.2.1"], "id": "CVE-2003-0059", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0059", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:33:01", "description": "Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names.", "edition": 4, "cvss3": {}, "published": "2003-02-19T05:00:00", "title": "CVE-2003-0060", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0060"], "modified": "2020-01-21T15:44:00", "cpe": ["cpe:/a:mit:kerberos_5:1.2.2", "cpe:/a:mit:kerberos_5:1.2.4", "cpe:/a:mit:kerberos_5:1.2.1", "cpe:/a:mit:kerberos_5:1.2.3"], "id": "CVE-2003-0060", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0060", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:21:32", "description": "Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.", "edition": 5, "cvss3": {}, "published": "2004-09-28T04:00:00", "title": "CVE-2004-0642", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0642"], "modified": "2017-10-11T01:29:00", "cpe": ["cpe:/a:mit:kerberos:5-1.3.4"], "id": "CVE-2004-0642", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0642", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mit:kerberos:5-1.3.4:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:50:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200409-09.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54666", "href": "http://plugins.openvas.org/nasl.php?oid=54666", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200409-09 (mit-krb5)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MIT krb5 contains several double-free vulnerabilities, potentially allowing\nthe execution of arbitrary code, as well as a denial of service\nvulnerability.\";\ntag_solution = \"All mit-krb5 users should upgrade to the latest stable version:\n\n # emerge sync\n\n # emerge -pv '>=app-crypt/mit-krb5-1.3.4'\n # emerge '>=app-crypt/mit-krb5-1.3.4'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200409-09\nhttp://bugs.gentoo.org/show_bug.cgi?id=62417\nhttp://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt\nhttp://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200409-09.\";\n\n \n\nif(description)\n{\n script_id(54666);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\", \"CVE-2004-0644\", \"CVE-2004-0772\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200409-09 (mit-krb5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-crypt/mit-krb5\", unaffected: make_list(\"ge 1.3.4\"), vulnerable: make_list(\"lt 1.3.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "description": "The remote host is missing an update to krb5\nannounced via advisory DSA 543-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53233", "href": "http://plugins.openvas.org/nasl.php?oid=53233", "type": "openvas", "title": "Debian Security Advisory DSA 543-1 (krb5)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_543_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 543-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The MIT Kerberos Development Team has discovered a number of\nvulnerabilities in the MIT Kerberos Version 5 software. The Common\nVulnerabilities and Exposures project identifies the following\nvulnerabilities:\n\nCVE-2004-0642 [VU#795632]\n\nA double-free error may allow unauthenticated remote attackers to\nexecute arbitrary code on KDC or clients.\n\nCVE-2004-0643 [VU#866472]\n\nSeveral double-free errors may allow authenticated attackers to\nexecute arbitrary code on Kerberos application servers.\n\nCVE-2004-0644 [VU#550464]\n\nA remotely eploitable denial of service vulnerability has been\nfound in the KDC and libraries.\n\nCVE-2004-0772 [VU#350792]\n\nSeveral double-free errors may allow remote attackers to execute\narbitrary code on the server. This does not affect the version in\nwoody.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 1.2.4-5woody6.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.3.4-3.\n\nWe recommend that you upgrade your krb5 packages.\";\ntag_summary = \"The remote host is missing an update to krb5\nannounced via advisory DSA 543-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20543-1\";\n\nif(description)\n{\n script_id(53233);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:45:44 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\", \"CVE-2004-0644\", \"CVE-2004-0772\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 543-1 (krb5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-clients\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-ftpd\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-rsh-server\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-telnetd\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm55\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.2.4-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-21T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52401", "href": "http://plugins.openvas.org/nasl.php?oid=52401", "type": "openvas", "title": "FreeBSD Ports: krb5", "sourceData": "#\n#VID 86a98b57-fb8e-11d8-9343-000a95bc6fae\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: krb5\n\nCVE-2004-0642\nDouble-free vulnerabilities in the error handling code for ASN.1\ndecoders in the (1) Key Distribution Center (KDC) library and (2)\nclient library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow\nremote attackers to execute arbitrary code.\n\nCVE-2004-0643\nDouble-free vulnerability in the krb5_rd_cred function for MIT\nKerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute\narbitrary code.\n\nCVE-2004-0772\nDouble-free vulnerabilities in error handling code in krb524d for MIT\nKerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to\nexecute arbitrary code.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt\nhttp://www.vuxml.org/freebsd/86a98b57-fb8e-11d8-9343-000a95bc6fae.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52401);\n script_version(\"$Revision: 4125 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-21 07:39:51 +0200 (Wed, 21 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2004-0642\", \"CVE-2004-0643\", \"CVE-2004-0772\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: krb5\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"krb5\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.4_1\")<=0) {\n txt += 'Package krb5 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0072", "CVE-2003-0028", "CVE-2003-0138", "CVE-2003-0139"], "description": "The remote host is missing an update to krb5\nannounced via advisory DSA 266-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53337", "href": "http://plugins.openvas.org/nasl.php?oid=53337", "type": "openvas", "title": "Debian Security Advisory DSA 266-1 (krb5)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_266_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 266-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in krb5, an\nimplementation of MIT Kerberos.\n\n. A cryptographic weakness in version 4 of the Kerberos protocol\nallows an attacker to use a chosen-plaintext attack to impersonate\nany principal in a realm. Additional cryptographic weaknesses in\nthe krb4 implementation included in the MIT krb5 distribution\npermit the use of cut-and-paste attacks to fabricate krb4 tickets\nfor unauthorized client principals if triple-DES keys are used to\nkey krb4 services. These attacks can subvert a site's entire\nKerberos authentication infrastructure.\n\nKerberos version 5 does not contain this cryptographic\nvulnerability. Sites are not vulnerable if they have Kerberos v4\ncompletely disabled, including the disabling of any krb5 to krb4\ntranslation services.\n\n. The MIT Kerberos 5 implementation includes an RPC library derived\nfrom SUNRPC. The implementation contains length checks, that are\nvulnerable to an integer overflow, which may be exploitable to\ncreate denials of service or to gain unauthorized access to\nsensitive information.\n\n. Buffer overrun and underrun problems exist in Kerberos principal\nname handling in unusual cases, such as names with zero components,\nnames with one empty component, or host-based service principal\nnames with no host name component.\n\nFor the stable distribution (woody) this problem has been\nfixed in version 1.2.4-5woody4.\n\nThe old stable distribution (potato) does not contain krb5 packages.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your krb5 package.\";\ntag_summary = \"The remote host is missing an update to krb5\nannounced via advisory DSA 266-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20266-1\";\n\nif(description)\n{\n script_id(53337);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:28:10 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0028\", \"CVE-2003-0072\", \"CVE-2003-0138\", \"CVE-2003-0139\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 266-1 (krb5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-clients\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-ftpd\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-rsh-server\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-telnetd\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm55\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.2.4-5woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0138"], "description": "The remote host is missing an update to krb4\nannounced via advisory DSA 273-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53342", "href": "http://plugins.openvas.org/nasl.php?oid=53342", "type": "openvas", "title": "Debian Security Advisory DSA 273-1 (krb4)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_273_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 273-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A cryptographic weakness in version 4 of the Kerberos protocol allows\nan attacker to use a chosen-plaintext attack to impersonate any\nprincipal in a realm. Additional cryptographic weaknesses in the krb4\nimplementation permit the use of cut-and-paste attacks to fabricate\nkrb4 tickets for unauthorized client principals if triple-DES keys are\nused to key krb4 services. These attacks can subvert a site's entire\nKerberos authentication infrastructure.\n\nFor the stable distribution (woody) this problem has been\nfixed in version 1.1-8-2.3.\n\nFor the old stable distribution (woody) this problem has been\nfixed in version 1.0-2.3.\n\nFor the unstable distribution (sid) this problem has been\nfixed in version 1.2.2-1.\n\nWe recommend that you upgrade your krb4 packages immediately.\";\ntag_summary = \"The remote host is missing an update to krb4\nannounced via advisory DSA 273-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20273-1\";\n\nif(description)\n{\n script_id(53342);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:28:10 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0138\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 273-1 (krb4)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-clients\", ver:\"1.0-2.3\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-dev\", ver:\"1.0-2.3\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-kdc\", ver:\"1.0-2.3\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-services\", ver:\"1.0-2.3\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-user\", ver:\"1.0-2.3\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-x11\", ver:\"1.0-2.3\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth1\", ver:\"1.0-2.3\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-docs\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-services\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-user\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-x11\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth1\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-clients\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-clients-x\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-dev\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-dev-common\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-kdc\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-kip\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-servers\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kerberos4kth-servers-x\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libacl1-kerberos4kth\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm1-kerberos4kth\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkdb-1-kerberos4kth\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb-1-kerberos4kth\", ver:\"1.1-8-2.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0138"], "description": "The remote host is missing an update to heimdal\nannounced via advisory DSA 269-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53339", "href": "http://plugins.openvas.org/nasl.php?oid=53339", "type": "openvas", "title": "Debian Security Advisory DSA 269-1 (heimdal)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_269_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 269-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A cryptographic weakness in version 4 of the Kerberos protocol allows\nan attacker to use a chosen-plaintext attack to impersonate any\nprincipal in a realm. Additional cryptographic weaknesses in the krb4\nimplementation permit the use of cut-and-paste attacks to fabricate\nkrb4 tickets for unauthorized client principals if triple-DES keys are\nused to key krb4 services. These attacks can subvert a site's entire\nKerberos authentication infrastructure.\n\nThis version of the heimdal package changes the default behavior and\ndisallows cross-realm authentication for Kerberos version 4. Because\nof the fundamental nature of the problem, cross-realm authentication\nin Kerberos version 4 cannot be made secure and sites should avoid its\nuse. A new option (--kerberos4-cross-realm) is provided to the kdc\ncommand to re-enable version 4 cross-realm authentication for those\nsites that must use this functionality but desire the other security\nfixes.\n\nFor the stable distribution (woody) this problem has been\nfixed in version 0.4e-7.woody.6\n\nThe old stable distribution (potato) is not affected by this problem,\nsince it isn't compiled against kerberos 4.\n\nFor the unstable distribution (sid) this problem has been\nfixed in version 0.5.2-1.\n\nWe recommend that you upgrade your heimdal packages immediately.\";\ntag_summary = \"The remote host is missing an update to heimdal\nannounced via advisory DSA 269-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20269-1\";\n\nif(description)\n{\n script_id(53339);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:28:10 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0138\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 269-1 (heimdal)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"heimdal-docs\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-lib\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients-x\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-dev\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-kdc\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers-x\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libasn1-5-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcomerr1-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssapi1-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libhdb7-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5clnt4-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5srv7-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkafs0-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-17-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libotp0-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libroken9-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsl0-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libss0-heimdal\", ver:\"0.4e-7.woody.6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0138"], "description": "The remote host is missing an update to heimdal\nannounced via advisory DSA 269-2.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53351", "href": "http://plugins.openvas.org/nasl.php?oid=53351", "type": "openvas", "title": "Debian Security Advisory DSA 269-2 (heimdal)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_269_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 269-2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Due to overzealous applied patches, the security update DSA 269-1\nintroduced problems in some installations, causing the hprop service\nto fail. This is corrected with the update below.\n\nFor completeness, here is the original advisory text:\n\nA cryptographic weakness in version 4 of the Kerberos protocol allows\nan attacker to use a chosen-plaintext attack to impersonate any\nprincipal in a realm. Additional cryptographic weaknesses in the krb4\nimplementation permit the use of cut-and-paste attacks to fabricate\nkrb4 tickets for unauthorized client principals if triple-DES keys are\nused to key krb4 services. These attacks can subvert a site's entire\nKerberos authentication infrastructure.\n\nThis version of the heimdal package changes the default behavior and\ndisallows cross-realm authentication for Kerberos version 4. Because\nof the fundamental nature of the problem, cross-realm authentication\nin Kerberos version 4 cannot be made secure and sites should avoid its\nuse. A new option (--kerberos4-cross-realm) is provided to the kdc\ncommand to re-enable version 4 cross-realm authentication for those\nsites that must use this functionality but desire the other security\nfixes.\n\nFor the stable distribution (woody) these problems have been\nfixed in version 0.4e-7.woody.8.\n\nThe old stable distribution (potato) is not affected by this problem,\nsince it isn't compiled against kerberos 4.\n\nFor the unstable distribution (sid) the original problem has been\nfixed in version 0.5.2-1 and since it was a new upstream version did\nnot contain the problem mentioned above.\n\nWe recommend that you upgrade your heimdal packages.\";\ntag_summary = \"The remote host is missing an update to heimdal\nannounced via advisory DSA 269-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20269-2\";\n\nif(description)\n{\n script_id(53351);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:28:10 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0138\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 269-2 (heimdal)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"heimdal-docs\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-lib\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients-x\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-dev\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-kdc\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers-x\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libasn1-5-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcomerr1-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssapi1-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libhdb7-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5clnt4-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5srv7-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkafs0-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-17-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libotp0-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libroken9-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsl0-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libss0-heimdal\", ver:\"0.4e-7.woody.8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0644"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-21T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52402", "href": "http://plugins.openvas.org/nasl.php?oid=52402", "type": "openvas", "title": "FreeBSD Ports: krb5", "sourceData": "#\n#VID bd60922b-fb8d-11d8-a13e-000a95bc6fae\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: krb5\n\nCVE-2004-0644\nThe asn1buf_skiptail function in the ASN.1 decoder library for MIT\nKerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause\na denial of service (infinite loop) via a certain BER encoding.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt\nhttp://www.vuxml.org/freebsd/bd60922b-fb8d-11d8-a13e-000a95bc6fae.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52402);\n script_version(\"$Revision: 4125 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-21 07:39:51 +0200 (Wed, 21 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(11079);\n script_cve_id(\"CVE-2004-0644\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: krb5\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"krb5\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.2.2\")>=0 && revcomp(a:bver, b:\"1.3.4\")<=0) {\n txt += 'Package krb5 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n National Cyber Alert System\r\n\r\n Technical Cyber Security Alert TA04-247A\r\n\r\n\r\nVulnerabilities in MIT Kerberos 5\r\n\r\n Original release date: September 3, 2004\r\n Last revised: --\r\n Source: US-CERT\r\n\r\n\r\nSystems Affected\r\n\r\n * MIT Kerberos 5 versions prior to krb5-1.3.5\r\n\r\n * Applications that use versions of MIT Kerberos 5 libraries prior\r\n to krb5-1.3.5\r\n\r\n * Applications that contain code derived from MIT Kerberos 5\r\n\r\n Updated vendor information is available in the systems affected\r\n section of the individual vulnerability notes.\r\n\r\n\r\nOverview\r\n\r\n The MIT Kerberos 5 implementation contains several vulnerabilities,\r\n the most severe of which could allow an unauthenticated, remote\r\n attacker to execute arbitrary code on a Kerberos Distribution Center\r\n (KDC). This could result in the compromise of an entire Kerberos\r\n realm.\r\n\r\n\r\nI. Description\r\n\r\n There are several vulnerabilities in the MIT implementation of the\r\n Kerberos 5 protocol. With one exception (VU#550464), all of the\r\n vulnerabilities involve insecure deallocation of heap memory\r\n (double-free vulnerabilities) during error handling and Abstract\r\n Syntax Notation One (ASN.1) decoding. For further details, please see\r\n the following vulnerability notes:\r\n\r\n VU#795632 - MIT Kerberos 5 ASN.1 decoding functions insecurely\r\n deallocate memory (double-free)\r\n\r\n The MIT Kerberos 5 library does not securely deallocate heap memory\r\n when decoding ASN.1 structures, resulting in double-free\r\n vulnerabilities. An unauthenticated, remote attacker could execute\r\n arbitrary code on a KDC server, which could compromise an entire\r\n Kerberos realm. An attacker may also be able to execute arbitrary code\r\n on Kerberos clients, or cause a denial of service on KDCs or clients.\r\n (Other resources: MITKRB5-SA-2004-002, CAN-2004-0642)\r\n\r\n VU#866472 - MIT Kerberos 5 ASN.1 decoding function krb5_rd_cred()\r\n insecurely deallocates memory (double-free)\r\n\r\n The krb5_rd_cred() function in the MIT Kerberos 5 library does not\r\n securely deallocate heap memory when decoding ASN.1 structures,\r\n resulting in a double-free vulnerability. A remote, authenticated\r\n attacker could execute arbitrary code or cause a denial of service on\r\n any system running an application that calls krb5_rd_cred(). This\r\n includes Kerberos application servers and other applications that\r\n process Kerberos authentication via the MIT Kerberos 5 library,\r\n Generic Security Services Application Programming Interface (GSSAPI),\r\n and other libraries.\r\n (Other resources: MITKRB5-SA-2004-002, CAN-2004-0643)\r\n\r\n VU#350792 - MIT Kerberos krb524d insecurely deallocates memory\r\n (double-free)\r\n\r\n The MIT Kerberos krb524d daemon does not securely deallocate heap\r\n memory when handling an error condition, resulting in a double-free\r\n vulnerability. An unauthenticated, remote attacker could execute\r\n arbitrary code on a system running krb524d, which in many cases is\r\n also a KDC. The compromise of a KDC system can lead to the compromise\r\n of an entire Kerberos realm. An attacker may also be able to cause a\r\n denial of service on a system running krb524d.\r\n (Other resources: MITKRB5-SA-2004-002, CAN-2004-0772)\r\n\r\n VU#550464 - MIT Kerberos 5 ASN.1 decoding function asn1buf_skiptail()\r\n does not properly terminate loop\r\n\r\n The asn1buf_skiptail() function in the MIT Kerberos 5 library does not\r\n properly terminate a loop, allowing an unauthenticated, remote\r\n attacker to cause a denial of service in a KDC, application server, or\r\n Kerberos client.\r\n (Other resources: MITKRB5-SA-2004-003, CAN-2004-0644)\r\n\r\n\r\nII. Impact\r\n\r\n The impacts of these vulnerabilities vary, but an attacker may be able\r\n to execute arbitrary code on KDCs, systems running krb524d (typically\r\n also KDCs), application servers, applications that use Kerberos\r\n libraries directly or via GSSAPI, and Kerberos clients. An attacker\r\n could also cause a denial of service on any of these systems.\r\n\r\n The most severe vulnerabilities could allow an unauthenticated, remote\r\n attacker to execute arbitrary code on a KDC system. This could result\r\n in the compromise of both the KDC and an entire Kerberos realm.\r\n\r\n\r\nIII. Solution\r\n\r\nApply a patch or upgrade\r\n\r\n Check with your vendor(s) for patches or updates. For information\r\n about a specific vendor, please see the systems affected sections in\r\n the individual vulnerability notes or contact your vendor directly.\r\n\r\n Alternatively, apply the appropriate source code patch(es) referenced\r\n in MITKRB5-SA-2004-002 and MITKRB5-SA-2004-003 and recompile.\r\n\r\n These vulnerabilities will be addressed in krb5-1.3.5.\r\n\r\n\r\nAppendix A. References\r\n\r\n * Vulnerability Note VU#795632 -\r\n <http://www.kb.cert.org/vuls/id/795632>\r\n\r\n * Vulnerability Note VU#866472 -\r\n <http://www.kb.cert.org/vuls/id/866472>\r\n\r\n * Vulnerability Note VU#350792 -\r\n <http://www.kb.cert.org/vuls/id/350792>\r\n\r\n * Vulnerability Note VU#550464 -\r\n <http://www.kb.cert.org/vuls/id/550464>\r\n\r\n * MIT krb5 Security Advisory 2004-002 -\r\n <http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfre\r\n e.txt>\r\n\r\n * MIT krb5 Security Advisory 2004-003 -\r\n <http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-as\r\n n1.txt>\r\n\r\n * Kerberos: The Network Authentication Protocol -\r\n <http://web.mit.edu/kerberos/www/>\r\n\r\n _______________________________________________________________________\r\n\r\n Thanks to Tom Yu and the MIT Kerberos Development team for addressing\r\n these vulnerabilities and coordinating with vendors. MIT credits the\r\n following people: Will Fiveash, Joseph Galbraith, John Hawkinson, Marc\r\n Horowitz, and Nico Williams.\r\n _______________________________________________________________________\r\n\r\n\r\n Feedback can be directed to the author: Art Manion\r\n\r\n _______________________________________________________________________\r\n\r\n This document is available from:\r\n \r\n <http://www.us-cert.gov/cas/techalerts/TA04-245A.html>\r\n _______________________________________________________________________\r\n\r\n\r\n Copyright 2004 Carnegie Mellon University. Terms of use\r\n\r\n Terms of use: <http://www.us-cert.gov/legal.html>\r\n\r\n _______________________________________________________________________\r\n\r\n Revision History\r\n\r\n September 3, 2004: Initial release\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.1 (GNU/Linux)\r\n\r\niD8DBQFBOM3iXlvNRxAkFWARAs9xAKC23q9EekPz/InQVWZPeUVhH4bnKwCgkVfh\r\nvKAOqE4sCXyydZ4BKnNreK8=\r\n=7R1M\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2004-09-04T00:00:00", "published": "2004-09-04T00:00:00", "id": "SECURITYVULNS:DOC:6734", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6734", "title": "US-CERT Technical Cyber Security Alert TA04-247A -- Vulnerabilities in MIT Kerberos 5", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 543-1 security@debian.org\r\nhttp://www.debian.org/security/ Martin Schulze\r\nAugust 31st, 2004 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : krb5\r\nVulnerability : several\r\nProblem-Type : remote\r\nDebian-specific: no\r\nCVE ID : CAN-2004-0642 CAN-2004-0643 CAN-2004-0644 CAN-2004-0772\r\nCERT advisory : VU#795632 VU#866472 VU#550464 VU#350792\r\n\r\nThe MIT Kerberos Development Team has discovered a number of\r\nvulnerabilities in the MIT Kerberos Version 5 software. The Common\r\nVulnerabilities and Exposures project identifies the following\r\nvulnerabilities:\r\n\r\nCAN-2004-0642 [VU#795632]\r\n\r\n A double-free error may allow unauthenticated remote attackers to\r\n execute arbitrary code on KDC or clients.\r\n\r\nCAN-2004-0643 [VU#866472]\r\n\r\n Several double-free errors may allow authenticated attackers to\r\n execute arbitrary code on Kerberos application servers.\r\n\r\nCAN-2004-0644 [VU#550464]\r\n\r\n A remotely eploitable denial of service vulnerability has been\r\n found in the KDC and libraries.\r\n\r\nCAN-2004-0772 [VU#350792]\r\n\r\n Several double-free errors may allow remote attackers to execute\r\n arbitrary code on the server. This does not affect the version in\r\n woody.\r\n\r\nFor the stable distribution (woody) these problems have been fixed in\r\nversion 1.2.4-5woody6.\r\n\r\nFor the unstable distribution (sid) these problems have been fixed in\r\nversion 1.3.4-3.\r\n\r\nWe recommend that you upgrade your krb5 packages.\r\n\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 3.0 alias woody\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody6.dsc\r\n Size/MD5 checksum: 750 ac9c3b7f0d3e5187c7e13cb4c3a4dc8a\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody6.diff.gz\r\n Size/MD5 checksum: 81598 913379c70d82a8229383a36cf0b4d77f\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz\r\n Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167\r\n\r\n Architecture independent components:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody6_all.deb\r\n Size/MD5 checksum: 512766 d1fe8d1575287b2afd7a45c0dbae0ef5\r\n\r\n Alpha architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 253608 8603d10da2d300e45ff67bd7cac1a5d6\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 217370 b4f44f5b653d3df770eea062bdeb2498\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 62880 a5d09242a0d5954214bda59f338d2b99\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 251970 489657290fa5204f08ec988cf8a0560c\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 76244 a3e9dce7bc89de97d5a6c9a035b7d909\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 58906 b78c904ed4dff722d2752a726b30b262\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 207342 3e96a9770f5219d8c674f8650414be55\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 83608 0d29998a8afed416a4bd3c5dee6396a9\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 633124 9557407fc033ddd591e78df0ced731f2\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_alpha.deb\r\n Size/MD5 checksum: 367242 149bebb9742b8d1647209a5c30d03bdb\r\n\r\n ARM architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 197104 bd754064fe97c177e7c9e5e0f046cf63\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 160404 63390af5be6576156fdd3830e00d5626\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 48606 eefb21731dc950aa8ad148216883a44d\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 198408 c2729cfa90b8f655f34da568a3ebc803\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 63506 805d9210508c5a423cb32bf26866c703\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 49192 a085a53b5e50fa5e5f1010dd037d4b71\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 165842 efa2619df8bb9385bbb49a33d3c8178e\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 73324 7e6e9084e0d194590eb82e3dcb0943c0\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 493068 f37d7fa8f15a7af6ed13cfa9c2d8a701\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_arm.deb\r\n Size/MD5 checksum: 294962 c97e9d358069ad98ec7fb0771b52dd30\r\n\r\n Intel IA-32 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 179102 d11420d24cdc0d4613237a8fe83d5e01\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 152130 ec341bf00aed916fe9d45e05dd71b5a4\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 46160 3a09f707fbccb2e6d409866958cde8eb\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 178388 c1ce90707fa1f2cf8f7695c04fddb764\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 61144 8efda42613125215fed06202328da482\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 46432 95c352c0ad6fa0941c2b17c1a41d96d0\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 156406 db64d19e008e4e4948165408dbfccdbe\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 71752 4bd872b9143b135425df4d9ae520d508\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 433674 7d3f123c7b2d8021800e844f46942e8f\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_i386.deb\r\n Size/MD5 checksum: 293454 1999f149b41a8d99fd1378d82c3e7a4e\r\n\r\n Intel IA-64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 322184 c370d49aaaa9af7e6a675a827e2f64c9\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 266360 44ec183d22418da592d6d19ea23bbb68\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 73530 dec8676e0aec415b9997c681c1787028\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 322148 4a402a5cc8943c25a8a7b5cf8ed8b639\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 91834 20faeb949b9a8ae856c82cf55ab3ab6b\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 70482 ebbc992bada546922aa57ca184343b47\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 256068 a13a696aec6972d80324fa9efb8679d8\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 107214 76294f8a872e37633198bdb5e94e3898\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 705500 f1ba029421709d98e6aa423e2f573d0e\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_ia64.deb\r\n Size/MD5 checksum: 474648 96b244e8b34976f164e36303c012dcec\r\n\r\n HP Precision architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 214458 8c48524b63dcdf52277ff14d89c48b66\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 189702 601bb249f6f3fbed88b2a4503ea58887\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 53860 3fccc0b2d873e152f82261f8f72d1367\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 213930 e4fbfff502607fae70b662e92c72e0f9\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 68592 8368406da4509ebf7352ffba5b2551d6\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 55692 179c48b8240ae0e6acb33d4fc78bbec1\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 182868 6fbeb34da8433d3d5bc40bf234e8b5e8\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 84822 dbea51aac58e82c349d3c4175b8a26fe\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 557692 1a9ffef5852992690611240068927926\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_hppa.deb\r\n Size/MD5 checksum: 361958 be64b64d90d9becf26fb3cff4733c850\r\n\r\n Motorola 680x0 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 164184 3b2e8e114f38e42a3ad3a00753885a92\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 144682 df4087c48b4498a02952a8ef6eb8067b\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 44308 c08e47ea2c8f4b343ec226fac2e80dac\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 163902 07539c1abc32983b08b7daf6a4f7cdd6\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 56838 ef970b995d8e45560e16f0c12a024aff\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 44628 150196caa13aac7658f1329e75135891\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 145966 c28052612efd159617790a1aa3b0e76a\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 69760 887174300de4016d12e07ef6b9daa8ef\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 408702 b1839eee1df0f6ef404b05a749128ea8\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_m68k.deb\r\n Size/MD5 checksum: 277046 e45a5c7dc4cb1212b217ad9ae0aed680\r\n\r\n Big endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 206544 ebdc1bebbc641c5a53039a3fcb4fa4f4\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 191090 db1679f7b7149316126b5ea81bef57a0\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 53304 ee4c9fe07db159acf8a1a6e27d23af6c\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 209558 495aad87af9922d422d88fe84731d09a\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 66396 65682abac3f3c01968a474053685e4d8\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 54866 d5c93e6b91f864b799cd7a2a99b342fd\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 175278 4604b92785a65e75ed23c50b3407f771\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 71996 bff40fc321c4cae9c3a93845b5423cf1\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 541250 f831cda17c7e09e8b67c7554bc613b60\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_mips.deb\r\n Size/MD5 checksum: 308292 b4582479cd2364cfae3eea77577072f7\r\n\r\n Little endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 210652 33c19fbfce4cc15976a8e1d0010f3bb5\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 190812 3d33b0ee50e9cf54d598e8db6335bdc6\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 53496 3ee11c426a2877abe4e52ffc26361d3c\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 213172 60bfc45d4e98b6a4fcefea365eddcba5\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 66734 6a4bbc6d939246690068bec073bb110c\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 54738 ba4ae70337671a364805048f185746c5\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 177100 da428e631537fbcfcff676c9e74d9ffb\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 71802 343446e1eee3e55f431a32bda22bf65c\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 541324 d50e3ab3fb2eb336ccfeb2e11b108bc0\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_mipsel.deb\r\n Size/MD5 checksum: 306984 4dfc580461b9b361497041c737c27241\r\n\r\n PowerPC architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 188236 c57636a24bad474e17adecbb630b3313\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 163936 e60810e54adcd83d7f4a3e104ab8f79a\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 49158 25b464d12a8f17fc6035643fd0f8ef59\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 189318 de66be91801bc2cab96f44a7e4cd00d7\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 62512 221b6977a950f09462cdaec5cd831717\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 49118 1cf91914293306cc903c9c524f0692bb\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 162590 7fde6ff1a31817535ef511bf478fc8dc\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 73736 6d7bab2375bd28e01addfcea924d691c\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 490588 51f50c1d2739e368dfe868da6b8940a1\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_powerpc.deb\r\n Size/MD5 checksum: 303354 4bdb3ffc5c3958c96fd732832e118176\r\n\r\n IBM S/390 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 189108 5921c17d311905cdee11a276820bc8dc\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 166216 7c3da30e38aae6797f5aa2e37f97737a\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 50098 79489f66aeeaff0002c248c16c810168\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 190424 ff53903e68084010566b3521f3f0bbc8\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 66888 883d8aeb0f8eccf8ab481c9f7084d06b\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 50064 b1b243f9272e76b58172e770d5516055\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 164196 c782d0f35a16cc5519265b3f5daea2af\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 76286 b71917b2a71a6bfd8c4dd669e8bb8213\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 453112 348f85f633bc76b1b3d2352f9c74e2db\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_s390.deb\r\n Size/MD5 checksum: 319462 fa95c685010c25fdbdd0fa7edd844aee\r\n\r\n Sun Sparc architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 183226 37012c1c58e216f6b9943439183ad520\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 172820 b2919342dec99991257c54580756ea4f\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 49572 f93fb8ce382307afb5b902b9f3805299\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 184134 73e6ae9febbdf9add8b407e74ff4b4e7\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 64184 52dcd6dfd0078e75241feb10ce62876a\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 49560 3734b8c93cd06c65a0ba094679cd33ae\r\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 159332 46fc4ae6ac3a19ff018e19b572d98e45\r\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 73096 c109c7ad61d11d9d7ba0fe5dcbb819cb\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 462712 848372a1fa3fc9a5a902147f7dacf354\r\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_sparc.deb\r\n Size/MD5 checksum: 301200 80c2b5d6f5f1864e5018bcfa50b9857b\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.5 (GNU/Linux)\r\n\r\niD8DBQFBNLE3W5ql+IAeqTIRAuIrAKCxVgbi2wZUpBY9cUQ5hjmAALksKQCfSb/Z\r\nJm2xEUJkK9cVa4aUhJFIo2c=\r\n=EPcf\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2004-09-01T00:00:00", "published": "2004-09-01T00:00:00", "id": "SECURITYVULNS:DOC:6705", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6705", "title": "[SECURITY] [DSA 543-1] New krb5 packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "cvelist": ["CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\n\r\n MIT krb5 Security Advisory 2004-002\r\n\r\nOriginal release: 2004-08-31\r\n\r\nTopic: double-free vulnerabilities in KDC and libraries\r\n\r\nSeverity: CRITICAL\r\n\r\nSUMMARY\r\n=======\r\n\r\nThe MIT Kerberos 5 implementation's Key Distribution Center (KDC)\r\nprogram contains a double-free vulnerability that potentially allows a\r\nremote attacker to execute arbitrary code. Compromise of a KDC host\r\ncompromises the security of the entire authentication realm served by\r\nthe KDC. Additionally, double-free vulnerabilities exist in MIT\r\nKerberos 5 library code, making client programs and application\r\nservers vulnerable.\r\n\r\nExploitation of double-free bugs is believed to be difficult. No\r\nexploits are known to exist for these vulnerabilities.\r\n\r\nIMPACT\r\n======\r\n\r\n* A unauthenticated remote attacker can potentially execute arbitrary\r\n code on a KDC host, compromising an entire Kerberos\r\n realm. [CAN-2004-0642]\r\n\r\n* A remote attacker can potentially execute arbitrary code on a host\r\n running krb524d, possibly compromising an entire Kerberos realm if\r\n the host is a KDC host. [CAN-2004-0772]\r\n\r\n* An authenticated attacker can also potentially execute arbitrary\r\n code on hosts running vulnerable services. [CAN-2004-0643]\r\n\r\n* An attacker impersonating a legitimate KDC or application server can\r\n potentially execute arbitrary code on a client host while the client\r\n is authenticating. [CAN-2004-0642]\r\n\r\nAFFECTED SOFTWARE\r\n=================\r\n\r\n* KDC software from all releases of MIT Kerberos 5 up to and including\r\n krb5-1.3.4. [CAN-2004-0642]\r\n\r\n* The krb524d program from krb5-1.2.8 and later. The krb524d present\r\n in earlier releases is vulnerable if it has been patched to disable\r\n krb4 cross-realm functionality. [CAN-2004-0772]\r\n\r\n* Applications calling the krb5_rd_cred() function in releases prior\r\n to krb5-1.3.2. Such applications in the MIT krb5 releases include\r\n the remote login daemons (krshd, klogind, and telnetd) and the FTP\r\n daemon. The krb5_rd_cred() function decrypts and decodes forwarded\r\n Kerberos credentials. Third-party applications calling this\r\n function directly or indirectly (by means of the GSSAPI or other\r\n libraries) are vulnerable. [CAN-2004-0643]\r\n\r\n* Client code from all releases of MIT Kerberos 5 up to and including\r\n krb5-1.3.4. Third-party applications directly or indirectly calling\r\n client library functions may also be vulnerable. [CAN-2004-0642]\r\n\r\nFIXES\r\n=====\r\n\r\n* The upcoming krb5-1.3.5 release will contain fixes for these\r\n problems.\r\n\r\n* Apply the appropriate patch or patches referenced below, and rebuild\r\n the software.\r\n\r\n - If you are running krb5-1.3 through krb5-1.3.4, apply\r\n 2004-002-patch_1.3.4.txt.\r\n\r\n - If you are running krb5-1.3 through krb5-1.3.1, apply\r\n 2004-002-patch_1.3.1.txt.\r\n\r\n - If you are running krb5-1.2.8, apply\r\n 2004-002-patch_1.2.8.txt.\r\n\r\n - Things become more complicated if you are running krb5-1.2 through\r\n krb5-1.2.7. The correct set of patches to apply will depend on\r\n whether you have applied the patches to disable krb4 cross-realm\r\n functionality [MITKRB5-SA-2003-004].\r\n\r\n + If you are running krb5-1.2.6 through krb5-1.2.7, and have\r\n applied the patches to disable krb4 cross-realm functionality,\r\n apply 2004-002-patch_1.2.8.txt.\r\n\r\n + If you are running krb5-1.2 through krb5-1.2.5, and have applied\r\n the patches to disable krb4 cross-realm functionality, apply\r\n 2004-002-patch_1.2.7.txt, followed by\r\n 2004-002-k524d_patch_1.2.5.txt.\r\n\r\n + If you are running krb5-1.2 through krb5-1.2.7, and have not\r\n applied the patches to disable krb4 cross-realm functionality,\r\n apply 2004-002-patch_1.2.7.txt.\r\n\r\nSummary chart of patches to apply for releases krb5-1.2 through krb5-1.2.7:\r\n\r\n | patched for 2003-004 | not patched for 2003-004\r\n -----------+--------------------------------+--------------------------\r\n krb5-1.2.7 | |\r\n -----------+ 2004-002-patch_1.2.8.txt |\r\n krb5-1.2.6 | |\r\n -----------+--------------------------------+ 2004-002-patch_1.2.7.txt\r\n krb5-1.2.5 | 2004-002-patch_1.2.7.txt |\r\n through | and |\r\n krb5-1.2 | 2004-002-k524d_patch_1.2.5.txt |\r\n\r\nPatches available:\r\n\r\n* Patch for krb5-1.3.4 (2004-002-patch_1.3.4.txt)\r\n\r\n* Patch for krb5-1.3.1 (2004-002-patch_1.3.1.txt)\r\n\r\n* Patch for krb5-1.2.8 (2004-002-patch_1.2.8.txt)\r\n\r\n* Patch for krb5-1.2.7 (2004-002-patch_1.2.7.txt)\r\n\r\n* Patch for krb524d in krb5-1.2.5 which has been previously patched\r\n to disable krb4 cross-realm (2004-002-k524d_patch_1.2.5.txt)\r\n\r\nNote: Each patch are generated against the specific release noted\r\nabove. The patches may apply with some offset against other\r\ncompatible releases listed above.\r\n\r\n2004-002-patch_1.3.4.txt\r\n========================\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-patch_1.3.4.txt\r\n\r\n The associated detached PGP signature is at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-patch_1.3.4.txt.asc\r\n\r\n2004-002-patch_1.3.1.txt\r\n========================\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-patch_1.3.1.txt\r\n\r\n The associated detached PGP signature is at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-patch_1.3.1.txt.asc\r\n\r\n2004-002-patch_1.2.8.txt\r\n========================\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-patch_1.2.8.txt\r\n\r\n The associated detached PGP signature is at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-patch_128.txt.asc\r\n\r\n2004-002-patch_1.2.7.txt\r\n========================\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-patch_1.2.7.txt\r\n\r\n The associated detached PGP signature is at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-patch_1.2.7.txt.asc\r\n\r\n2004-002-k524d_patch_1.2.5.txt\r\n==============================\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-k524d_patch_1.2.5.txt\r\n\r\n The associated detached PGP signature is at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-002-k524d_patch_1.2.5.txt.asc\r\n\r\nREFERENCES\r\n==========\r\n\r\nThis announcement and related security advisories may be found on the\r\nMIT Kerberos security advisory page at:\r\n\r\n http://web.mit.edu/kerberos/advisories/index.html\r\n\r\nThe main MIT Kerberos web page is at:\r\n\r\n http://web.mit.edu/kerberos/index.html\r\n\r\nCERT VU#795632\r\n\r\n http://www.kb.cert.org/vuls/id/795632\r\n\r\nCVE CAN-2004-0642\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0642\r\n\r\n KDC and client libraries double-free on error conditions in\r\n MIT Kerberos 5 releases krb5-1.3.4 and earlier, allowing\r\n unauthenticated remote attackers to execute arbitrary code\r\n\r\nCERT VU#866472\r\n\r\n http://www.kb.cert.org/vuls/id/866472\r\n\r\nCVE CAN-2004-0643\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0643\r\n\r\n krb5_rd_cred() double-frees on error conditions in MIT\r\n Kerberos 5 releases krb5-1.3.1 and earlier, allowing\r\n authenticated attackers to execute arbitrary code\r\n\r\nVU#350792\r\n\r\n http://www.kb.cert.org/vuls/id/350792\r\n\r\nCVE CAN-2004-0772\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0772\r\n\r\n krb524d in krb5-1.2.8 and later double-frees on error\r\n conditions, allowing remote attackers to execute arbitrary\r\n code. Earlier releases patched for the krb4 protocol\r\n vulnerability [MITKRB5-SA-2003-004] are also vulnerable.\r\n\r\nACKNOWLEDGMENTS\r\n===============\r\n\r\nThanks to Will Fiveash and Nico Williams at Sun for finding some of\r\nthese vulnerabilities and for providing initial patches.\r\n\r\nThanks to Marc Horowitz for discovering the krb524d vulnerability.\r\n\r\nThanks to Nalin Dahyabhai for providing a corrected patch for krb524d\r\nin releases krb5-1.2 through krb5-1.2.5 in cases where krb524d has\r\nbeen patched to disable krb4 cross-realm functionality.\r\n\r\nThanks to Joseph Galbraith and John Hawkinson, who both independently\r\ndiscovered the double-free in krb5_rd_cred() which was corrected in\r\nrelease krb5-1.3.2.\r\n\r\nDETAILS\r\n=======\r\n\r\nIn the MIT krb5 library, in all releases up to and including\r\nkrb5-1.3.4, ASN.1 decoder functions and their callers do not use a\r\nconsistent set of memory management conventions. The callers expect\r\nthe decoders to allocate memory. The callers typically have\r\nerror-handling code which frees memory allocated by the ASN.1 decoders\r\nif pointers to the allocated memory are non-null. Upon encountering\r\nerror conditions, the ASN.1 decoders themselves free memory which they\r\nhave allocated, but do not null the corresponding pointers. When some\r\nlibrary functions receive errors from the ASN.1 decoders, they attempt\r\nto pass the non-null pointer (which points to freed memory) to free(),\r\ncausing a double-free.\r\n\r\nIn all releases of MIT krb5 up to and including krb5-1.3.4, cleanup\r\ncode in the KDC frees memory returned by ASN.1 decoders. This cleanup\r\ncode only frees memory pointed to by non-null pointers, but if an\r\nASN.1 decoder returns an error, the cleanup code will free memory\r\npreviously freed by the decoder.\r\n\r\nImplementations of krb5_rd_cred() prior to the krb5-1.3.2 release\r\ncontained code to explicitly free the buffer returned by the ASN.1\r\ndecoder function decode_krb5_enc_cred_part() when the decoder returns\r\nan error. This is another double-free, since the decoder would itself\r\nfree the buffer on error. Since decode_krb5_enc_cred_part() does not\r\nget called unless the decryption of the encrypted part of the KRB-CRED\r\nis successful, the attacker needs to have authenticated. This code\r\nwas corrected in the krb5-1.3.2 release.\r\n\r\nThe patch (introduced in krb5-1.2.8 and present in all subsequent\r\nreleases) for disabling krb4 cross-realm authentication in krb524d\r\nintroduced a double-free vulnerability. If handle_classic_v4() denies\r\nthe conversion of a cross-realm ticket, v5tkt->enc_part2 gets freed\r\nbut not nulled, so do_connection() double-frees many things when it\r\nsubsequently calls krb5_free_ticket().\r\n\r\nREVISION HISTORY\r\n================\r\n\r\n2004-08-31 original release\r\n\r\nCopyright (C) 2004 Massachusetts Institute of Technology\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.5 (SunOS)\r\n\r\niQCVAwUBQTTAUabDgE/zdoE9AQHSFwP/S0bIduge4dDmZiTlDEUa5L1CjESpAq3O\r\n905Ru47xTmKqKpCC6cpIxpFqeXZAZkc8HzIp4kaZUNJ3+cik2Mg+YSdP5mM9ys67\r\ngeZZoF6pufgh9Ym4gMK6YJjYxsJgSrEbcpgrYv710GEy1SqsE2o7O0Y5WSYv3Df+\r\n8Nz22+QoVzw=\r\n=dpRb\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2004-09-02T00:00:00", "published": "2004-09-02T00:00:00", "id": "SECURITYVULNS:DOC:6723", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6723", "title": "MITKRB5-SA-2004-002: double-free vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "cvelist": ["CVE-2004-0644"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\n\r\n MIT krb5 Security Advisory 2004-003\r\n\r\nOriginal release: 2004-08-31\r\n\r\nTopic: ASN.1 decoder denial of service\r\n\r\nSeverity: serious\r\n\r\nSUMMARY\r\n=======\r\n\r\nThe ASN.1 decoder library in the MIT Kerberos 5 distribution is\r\nvulnerable to a denial-of-service attack causing an infinite loop in\r\nthe decoder. The KDC is vulnerable to this attack.\r\n\r\nIMPACT\r\n======\r\n\r\n* An unauthenticated remote attacker can cause a KDC or application\r\n server to hang inside an infinite loop. [CAN-2004-0644]\r\n\r\n* An attacker impersonating a legitimate KDC or application server may\r\n cause a client program to hang inside an infinite\r\n loop. [CAN-2004-0644]\r\n\r\nAFFECTED SOFTWARE\r\n=================\r\n\r\n* KDC software and applications from MIT Kerberos 5 releases\r\n krb5-1.2.2 through krb5-1.3.4.\r\n\r\n* Applications using the MIT krb5 libraries from the above releases.\r\n\r\nFIXES\r\n=====\r\n\r\n* The upcoming krb5-1.3.5 release will contain fixes for these\r\n problems.\r\n\r\n* Apply the appropriate patch referenced below, and rebuild the software.\r\n\r\nPatches available:\r\n\r\n* Patch against krb5-1.3.4 (should apply to earlier krb5-1.3.x releases)\r\n\r\n* Patch against krb5-1.2.8 (should apply to releases krb5-1.2.2\r\n through krb5-1.2.7 as well)\r\n\r\nPATCH AGAINST krb5-1.3.4\r\n========================\r\n\r\n* This patch was generated against krb5-1.3.4; it may\r\n apply, with some offset, to earlier krb5-1.3.x releases.\r\n\r\n This patch may also be found at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-003-patch_1.3.4.txt\r\n\r\n The associated detached PGP signature is at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-003-patch_1.3.4.txt.asc\r\n\r\nIndex: src/lib/krb5/asn.1/asn1buf.c\r\n===================================================================\r\nRCS file: /cvs/krbdev/krb5/src/lib/krb5/asn.1/asn1buf.c,v\r\nretrieving revision 5.24\r\n*** src/lib/krb5/asn.1/asn1buf.c 12 Mar 2003 04:33:30 -0000 5.24\r\n- --- src/lib/krb5/asn.1/asn1buf.c 23 Aug 2004 03:43:47 -0000\r\n***************\r\n*** 122,127 ****\r\n- --- 122,129 ----\r\n return ASN1_OVERRUN;\r\n }\r\n while (nestlevel > 0) {\r\n+ if (buf->bound - buf->next + 1 <= 0)\r\n+ return ASN1_OVERRUN;\r\n retval = asn1_get_tag_2(buf, &t);\r\n if (retval) return retval;\r\n if (!t.indef) {\r\n\r\nPATCH AGAINST krb5-1.2.8\r\n========================\r\n\r\n* This patch was generated against krb5-1.2.8; it may apply, with some\r\n offset, to releases krb5-1.2.2 through krb5-1.2.7. You are strongly\r\n encouraged to update to a release from the krb5-1.3.x series.\r\n\r\n This patch may also be found at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-003-patch_1.2.8.txt\r\n\r\n The associated detached PGP signature is at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2004-003-patch_1.2.8.txt.asc\r\n\r\nIndex: src/lib/krb5/asn.1/asn1buf.c\r\n===================================================================\r\nRCS file: /cvs/krbdev/krb5/src/lib/krb5/asn.1/asn1buf.c,v\r\nretrieving revision 5.19.2.1\r\ndiff -c -r5.19.2.1 asn1buf.c\r\n*** src/lib/krb5/asn.1/asn1buf.c 31 Jan 2001 18:00:12 -0000 5.19.2.1\r\n- --- src/lib/krb5/asn.1/asn1buf.c 23 Aug 2004 03:54:50 -0000\r\n***************\r\n*** 140,145 ****\r\n- --- 140,147 ----\r\n return ASN1_OVERRUN;\r\n }\r\n while (nestlevel > 0) {\r\n+ if (buf->bound - buf->next + 1 <= 0)\r\n+ return ASN1_OVERRUN;\r\n retval = asn1_get_tag_indef(buf, &class, &construction, &tagnum,\r\n &taglen, &tagindef);\r\n if (retval) return retval;\r\n\r\nREFERENCES\r\n==========\r\n\r\nThis announcement and related security advisories may be found on the\r\nMIT Kerberos security advisory page at:\r\n\r\n http://web.mit.edu/kerberos/advisories/index.html\r\n\r\nThe main MIT Kerberos web page is at:\r\n\r\n http://web.mit.edu/kerberos/index.html\r\n\r\nCERT VU#550464\r\n\r\n http://www.kb.cert.org/vuls/id/550464\r\n\r\nCVE CAN-2004-0644\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0644\r\n\r\n ASN.1 decoder bug in MIT Kerberos 5 releases krb5-1.2.2\r\n through krb5-1.3.4 allows unauthenticated remote attackers to\r\n induce infinite loop, causing denial of service, including in\r\n KDC code\r\n\r\nACKNOWLEDGMENTS\r\n===============\r\n\r\nThanks to Will Fiveash and Nico Williams at Sun for finding this\r\nvulnerability.\r\n\r\nDETAILS\r\n=======\r\n\r\nThe ASN.1 decoder in the MIT krb5 library handles indefinite-length\r\nBER encodings for the purpose of backwards compatibility with some\r\nnon-conformant implementations. The ASN.1 decoders call\r\nasn1buf_sync() to skip any trailing unrecognized fields in the\r\nencoding of a SEQUENCE type. asn1buf_sync() calls asn1buf_skiptail()\r\nif the ASN.1 SEQUENCE type being decoded was encoded with an\r\nindefinite length. asn1buf_sync() is provided with a prefetched BER\r\ntag; a placeholder tag is provided by the prefetching code in the case\r\nwhere there is are no more octets in a sub-encoding.\r\n\r\nThe loop in asn1buf_skiptail() which attempts to skip trailing\r\nsub-encodings of an indefinite-length SEQUENCE type does not properly\r\ncheck for end-of-subbuffer conditions or for the placeholder tag,\r\nleading to an infinite loop. Valid BER encodings cannot cause this\r\ncondition; however, it is trivial to construct a corrupt encoding\r\nwhich will trigger the infinite loop.\r\n\r\nREVISION HISTORY\r\n================\r\n\r\n2004-08-31 original release\r\n\r\nCopyright (C) 2004 Massachusetts Institute of Technology\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.5 (SunOS)\r\n\r\niQCVAwUBQTTAIKbDgE/zdoE9AQHyngP+OiwJxYxeHuhNjyXMyCr79mqJcsPP17DB\r\ntsDgQ9jZiD0m+I7rgu+PmPJQfl8qgfEZsEsW5QXppJoC0gIICSqdWbYypXjVzEfh\r\nN7g8ydTIOkKk5WP+ahisWyHiIWg/iX66dDLupzxufgb+1p/2CwoXgTszCBlQP67o\r\n3LMSqXJGDfw=\r\n=RAVs\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2004-09-01T00:00:00", "published": "2004-09-01T00:00:00", "id": "SECURITYVULNS:DOC:6706", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6706", "title": "MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:34", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "edition": 1, "description": "### Background\n\nMIT krb5 is the free implementation of the Kerberos network authentication protocol by the Massachusetts Institute of Technology. \n\n### Description\n\nThe implementation of the Key Distribution Center (KDC) and the MIT krb5 library contain double-free vulnerabilities, making client programs as well as application servers vulnerable. \n\nThe ASN.1 decoder library is vulnerable to a denial of service attack, including the KDC. \n\n### Impact\n\nThe double-free vulnerabilities could allow an attacker to execute arbitrary code on a KDC host and hosts running krb524d or vulnerable services. In the case of a KDC host, this can lead to a compromise of the entire Kerberos realm. Furthermore, an attacker impersonating a legitimate KDC or application server can potentially execute arbitrary code on authenticating clients. \n\nAn attacker can cause a denial of service for a KDC or application server and clients, the latter if impersonating a legitimate KDC or application server. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll mit-krb5 users should upgrade to the latest stable version: \n \n \n # emerge sync\n \n # emerge -pv \">=app-crypt/mit-krb5-1.3.4\"\n # emerge \">=app-crypt/mit-krb5-1.3.4\"", "modified": "2004-09-06T00:00:00", "published": "2004-09-06T00:00:00", "id": "GLSA-200409-09", "href": "https://security.gentoo.org/glsa/200409-09", "type": "gentoo", "title": "MIT krb5: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:17:13", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0644", "CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 543-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nAugust 31st, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2004-0642 CAN-2004-0643 CAN-2004-0644 CAN-2004-0772\nCERT advisory : VU#795632 VU#866472 VU#550464 VU#350792\n\nThe MIT Kerberos Development Team has discovered a number of\nvulnerabilities in the MIT Kerberos Version 5 software. The Common\nVulnerabilities and Exposures project identifies the following\nvulnerabilities:\n\nCAN-2004-0642 [VU#795632]\n\n A double-free error may allow unauthenticated remote attackers to\n execute arbitrary code on KDC or clients.\n\nCAN-2004-0643 [VU#866472]\n\n Several double-free errors may allow authenticated attackers to\n execute arbitrary code on Kerberos application servers.\n\nCAN-2004-0644 [VU#550464]\n\n A remotely eploitable denial of service vulnerability has been\n found in the KDC and libraries.\n\nCAN-2004-0772 [VU#350792]\n\n Several double-free errors may allow remote attackers to execute\n arbitrary code on the server. This does not affect the version in\n woody.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 1.2.4-5woody6.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.3.4-3.\n\nWe recommend that you upgrade your krb5 packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody6.dsc\n Size/MD5 checksum: 750 ac9c3b7f0d3e5187c7e13cb4c3a4dc8a\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody6.diff.gz\n Size/MD5 checksum: 81598 913379c70d82a8229383a36cf0b4d77f\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz\n Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody6_all.deb\n Size/MD5 checksum: 512766 d1fe8d1575287b2afd7a45c0dbae0ef5\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 253608 8603d10da2d300e45ff67bd7cac1a5d6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 217370 b4f44f5b653d3df770eea062bdeb2498\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 62880 a5d09242a0d5954214bda59f338d2b99\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 251970 489657290fa5204f08ec988cf8a0560c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 76244 a3e9dce7bc89de97d5a6c9a035b7d909\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 58906 b78c904ed4dff722d2752a726b30b262\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 207342 3e96a9770f5219d8c674f8650414be55\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 83608 0d29998a8afed416a4bd3c5dee6396a9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 633124 9557407fc033ddd591e78df0ced731f2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_alpha.deb\n Size/MD5 checksum: 367242 149bebb9742b8d1647209a5c30d03bdb\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 197104 bd754064fe97c177e7c9e5e0f046cf63\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 160404 63390af5be6576156fdd3830e00d5626\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 48606 eefb21731dc950aa8ad148216883a44d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 198408 c2729cfa90b8f655f34da568a3ebc803\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 63506 805d9210508c5a423cb32bf26866c703\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 49192 a085a53b5e50fa5e5f1010dd037d4b71\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 165842 efa2619df8bb9385bbb49a33d3c8178e\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 73324 7e6e9084e0d194590eb82e3dcb0943c0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 493068 f37d7fa8f15a7af6ed13cfa9c2d8a701\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_arm.deb\n Size/MD5 checksum: 294962 c97e9d358069ad98ec7fb0771b52dd30\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 179102 d11420d24cdc0d4613237a8fe83d5e01\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 152130 ec341bf00aed916fe9d45e05dd71b5a4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 46160 3a09f707fbccb2e6d409866958cde8eb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 178388 c1ce90707fa1f2cf8f7695c04fddb764\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 61144 8efda42613125215fed06202328da482\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 46432 95c352c0ad6fa0941c2b17c1a41d96d0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 156406 db64d19e008e4e4948165408dbfccdbe\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 71752 4bd872b9143b135425df4d9ae520d508\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 433674 7d3f123c7b2d8021800e844f46942e8f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_i386.deb\n Size/MD5 checksum: 293454 1999f149b41a8d99fd1378d82c3e7a4e\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 322184 c370d49aaaa9af7e6a675a827e2f64c9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 266360 44ec183d22418da592d6d19ea23bbb68\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 73530 dec8676e0aec415b9997c681c1787028\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 322148 4a402a5cc8943c25a8a7b5cf8ed8b639\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 91834 20faeb949b9a8ae856c82cf55ab3ab6b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 70482 ebbc992bada546922aa57ca184343b47\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 256068 a13a696aec6972d80324fa9efb8679d8\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 107214 76294f8a872e37633198bdb5e94e3898\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 705500 f1ba029421709d98e6aa423e2f573d0e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_ia64.deb\n Size/MD5 checksum: 474648 96b244e8b34976f164e36303c012dcec\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 214458 8c48524b63dcdf52277ff14d89c48b66\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 189702 601bb249f6f3fbed88b2a4503ea58887\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 53860 3fccc0b2d873e152f82261f8f72d1367\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 213930 e4fbfff502607fae70b662e92c72e0f9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 68592 8368406da4509ebf7352ffba5b2551d6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 55692 179c48b8240ae0e6acb33d4fc78bbec1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 182868 6fbeb34da8433d3d5bc40bf234e8b5e8\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 84822 dbea51aac58e82c349d3c4175b8a26fe\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 557692 1a9ffef5852992690611240068927926\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_hppa.deb\n Size/MD5 checksum: 361958 be64b64d90d9becf26fb3cff4733c850\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 164184 3b2e8e114f38e42a3ad3a00753885a92\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 144682 df4087c48b4498a02952a8ef6eb8067b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 44308 c08e47ea2c8f4b343ec226fac2e80dac\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 163902 07539c1abc32983b08b7daf6a4f7cdd6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 56838 ef970b995d8e45560e16f0c12a024aff\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 44628 150196caa13aac7658f1329e75135891\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 145966 c28052612efd159617790a1aa3b0e76a\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 69760 887174300de4016d12e07ef6b9daa8ef\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 408702 b1839eee1df0f6ef404b05a749128ea8\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_m68k.deb\n Size/MD5 checksum: 277046 e45a5c7dc4cb1212b217ad9ae0aed680\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 206544 ebdc1bebbc641c5a53039a3fcb4fa4f4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 191090 db1679f7b7149316126b5ea81bef57a0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 53304 ee4c9fe07db159acf8a1a6e27d23af6c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 209558 495aad87af9922d422d88fe84731d09a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 66396 65682abac3f3c01968a474053685e4d8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 54866 d5c93e6b91f864b799cd7a2a99b342fd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 175278 4604b92785a65e75ed23c50b3407f771\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 71996 bff40fc321c4cae9c3a93845b5423cf1\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 541250 f831cda17c7e09e8b67c7554bc613b60\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_mips.deb\n Size/MD5 checksum: 308292 b4582479cd2364cfae3eea77577072f7\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 210652 33c19fbfce4cc15976a8e1d0010f3bb5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 190812 3d33b0ee50e9cf54d598e8db6335bdc6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 53496 3ee11c426a2877abe4e52ffc26361d3c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 213172 60bfc45d4e98b6a4fcefea365eddcba5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 66734 6a4bbc6d939246690068bec073bb110c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 54738 ba4ae70337671a364805048f185746c5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 177100 da428e631537fbcfcff676c9e74d9ffb\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 71802 343446e1eee3e55f431a32bda22bf65c\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 541324 d50e3ab3fb2eb336ccfeb2e11b108bc0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_mipsel.deb\n Size/MD5 checksum: 306984 4dfc580461b9b361497041c737c27241\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 188236 c57636a24bad474e17adecbb630b3313\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 163936 e60810e54adcd83d7f4a3e104ab8f79a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 49158 25b464d12a8f17fc6035643fd0f8ef59\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 189318 de66be91801bc2cab96f44a7e4cd00d7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 62512 221b6977a950f09462cdaec5cd831717\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 49118 1cf91914293306cc903c9c524f0692bb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 162590 7fde6ff1a31817535ef511bf478fc8dc\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 73736 6d7bab2375bd28e01addfcea924d691c\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 490588 51f50c1d2739e368dfe868da6b8940a1\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_powerpc.deb\n Size/MD5 checksum: 303354 4bdb3ffc5c3958c96fd732832e118176\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 189108 5921c17d311905cdee11a276820bc8dc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 166216 7c3da30e38aae6797f5aa2e37f97737a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 50098 79489f66aeeaff0002c248c16c810168\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 190424 ff53903e68084010566b3521f3f0bbc8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 66888 883d8aeb0f8eccf8ab481c9f7084d06b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 50064 b1b243f9272e76b58172e770d5516055\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 164196 c782d0f35a16cc5519265b3f5daea2af\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 76286 b71917b2a71a6bfd8c4dd669e8bb8213\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 453112 348f85f633bc76b1b3d2352f9c74e2db\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_s390.deb\n Size/MD5 checksum: 319462 fa95c685010c25fdbdd0fa7edd844aee\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 183226 37012c1c58e216f6b9943439183ad520\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 172820 b2919342dec99991257c54580756ea4f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 49572 f93fb8ce382307afb5b902b9f3805299\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 184134 73e6ae9febbdf9add8b407e74ff4b4e7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 64184 52dcd6dfd0078e75241feb10ce62876a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 49560 3734b8c93cd06c65a0ba094679cd33ae\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 159332 46fc4ae6ac3a19ff018e19b572d98e45\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 73096 c109c7ad61d11d9d7ba0fe5dcbb819cb\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 462712 848372a1fa3fc9a5a902147f7dacf354\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody6_sparc.deb\n Size/MD5 checksum: 301200 80c2b5d6f5f1864e5018bcfa50b9857b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2004-08-31T00:00:00", "published": "2004-08-31T00:00:00", "id": "DEBIAN:DSA-543-1:86473", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00147.html", "title": "[SECURITY] [DSA 543-1] New krb5 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-11T13:16:49", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0072", "CVE-2003-0028", "CVE-2003-0138", "CVE-2003-0139"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 266-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMarch 17th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE Ids : CAN-2003-0028 CAN-2003-0072 CAN-2003-0138 CAN-2003-0139\nCERT advisories: VU#623217 VU#442569 VU#516825 CA-2003-10\n\nSeveral vulnerabilities have been discovered in krb5, an\nimplementation of MIT Kerberos.\n\n . A cryptographic weakness in version 4 of the Kerberos protocol\n allows an attacker to use a chosen-plaintext attack to impersonate\n any principal in a realm. Additional cryptographic weaknesses in\n the krb4 implementation included in the MIT krb5 distribution\n permit the use of cut-and-paste attacks to fabricate krb4 tickets\n for unauthorized client principals if triple-DES keys are used to\n key krb4 services. These attacks can subvert a site's entire\n Kerberos authentication infrastructure.\n\n Kerberos version 5 does not contain this cryptographic\n vulnerability. Sites are not vulnerable if they have Kerberos v4\n completely disabled, including the disabling of any krb5 to krb4\n translation services.\n\n . The MIT Kerberos 5 implementation includes an RPC library derived\n from SUNRPC. The implementation contains length checks, that are\n vulnerable to an integer overflow, which may be exploitable to\n create denials of service or to gain unauthorized access to\n sensitive information.\n\n . Buffer overrun and underrun problems exist in Kerberos principal\n name handling in unusual cases, such as names with zero components,\n names with one empty component, or host-based service principal\n names with no host name component.\n\nFor the stable distribution (woody) this problem has been\nfixed in version 1.2.4-5woody4.\n\nThe old stable distribution (potato) does not contain krb5 packages.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your krb5 package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.4p1-0woody1.dsc\n Size/MD5 checksum: 715 d96f63ec5433fe5e34541322f2ec4e6f\n http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.4p1-0woody1.diff.gz\n Size/MD5 checksum: 117016 050172c17604c6075d5141adf62721bb\n http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.4p1.orig.tar.gz\n Size/MD5 checksum: 837668 459c1d0262e939d6432f193c7a4ba8a8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody4_all.deb\n Size/MD5 checksum: 512446 29525c9953ceb91febdad9ef375b2a44\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 253298 38272cd78cbafdd28b6634448a9b4339\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 217044 2dac6d7e4253d856c55575ec1ad547ce\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 62486 0d0cbeeb24b2ae83ac464e19cd7b9cce\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 251682 49a774635a51081e01e8b3f13e5fe526\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 75928 cae86e32606c1fcfa845acb5148708ac\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 58594 34c719bd595658d3c20eef588cdbc775\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 207088 f8b4550bfb753354ae0d40161926bc0b\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 83204 9b70ed19838cb9f5777808eccee91914\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 632620 5a67837bbad42d6c08626d3ba4b66055\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_alpha.deb\n Size/MD5 checksum: 366806 e17a3a1ce6c7d722ff20fa774b180790\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 196794 465433fb83efa7dbb8f86f94e68937e0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 160112 e1e3ebf5bebec8a7aac933f8280d54e6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 48278 5e7685fed5374857081684a92fdce555\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 198106 a365166b29736d2322f6fde29618c081\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 63206 0042878e72408095926db855ddae1a59\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 48840 fb0cfa78f5208bf9ed58edf541151353\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 165574 6a699460600dd88f73fbbaa1f901a242\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 73008 863aa7c82638e4a099587f48dc97d49a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 492690 8b54536a5baf3177ba6865b8f857125a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_arm.deb\n Size/MD5 checksum: 294468 b990ae80031f216455259ba84ac33ccb\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 178822 e01f7e7537a32c1111a99a9b8b36bbaa\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 151860 cdeb92131cb56b75dc0f458fe0a4422a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 45860 4b7348b682252f0d1c838845ed2c30cd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 178132 b98a5811e113fd70c1ddb575109f2c2b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 60858 8d84eac01dc0b07821e6325b900ed004\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 46130 a11772127378efd1c833f27cc7367a27\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 156180 a724cb58a2ef2b6ce756607ac70549a0\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 71452 9ad325c985a673b8ed6eba7e0f838913\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 433292 6ba666aaa5ad9ba70a6637f875b34b3a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_i386.deb\n Size/MD5 checksum: 293058 33360837c7c1dd4b41e5ac3a4408a403\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 321838 7588d131ab725e44ab97f0efe83a7112\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 266004 0847d00d9ce1e2ec502a57073ef3af45\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 73240 738350d389ac624916b20f815ad3fc80\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 321772 5d2ff22069fec3715fb36819f48099e6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 91538 9f4c859a2a51d24c4060cef160562439\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 70168 893ebbc8b992b14090f26a11783bacaf\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 255798 6ac9448c71a561f32f1fc02b88519421\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 106844 f0d2ec797dc41902c764ca6b056d0eae\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 705022 2da30742db084e058442847ed6d6ee8e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_ia64.deb\n Size/MD5 checksum: 474086 e2479dae4bde040a3bd35ecf243528d9\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 214158 d83262340dc1cd888c18c9ce5df71f5b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 189400 8716b135eade70cff0a345f7a83ba5e4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 53550 bc480c19a038a319aacec577d8540be5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 213636 1a8e7ebf21292701c9c96c67df2a7084\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 68248 13819e71f5c2252f93da3351db9efe76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 55376 ab39d4a298fc1fb9a135edfb16673279\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 182518 e1b0a1188ef8feeef92acad1c1495dcc\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 84490 05a18768b22429742161bd3e7c4ca591\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 557252 b0c6f7fa3fddfa5b92fad35662b3fcb8\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_hppa.deb\n Size/MD5 checksum: 361574 17040c44a5b3388dc53e38f82ed95138\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 163874 1ed05a5fa69e48698d281ef20dbc9541\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 144396 88969898a1e126662efa89ac99e33ec3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 44008 8767192f6736ced7972792d1703094cd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 163628 216af0fa467b3808540cb4c6322d2886\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 56550 5e09b79a1a6549d58fab837209b30878\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 44306 403197a0ba375350f08a95c5db8d8454\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 145612 1f947b6878a449c6deddccacd63dfcb2\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 69436 8a049ab9bdaf55293b7b7fdb6adff357\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 408718 bd798af04c968b7aec77a696f520f335\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_m68k.deb\n Size/MD5 checksum: 276660 76ee14f1ba7ce281bdc2a4c7c1f32010\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 206222 54886999472cece91354d62ac092232f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 190794 6bae2159a5e27914c0cf18894d71dafd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 52990 7ba836f937c6a25972ba039f2aec6c69\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 209098 0d5a4cf3459aa1187d64f299605a1356\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 66092 fa1ab7363cb751a28780cb92796fb948\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 54548 9515c8cdc33c719df40b8338c7149665\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 175008 ce8c1f3b7e0be79b96109a98bfca574f\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 71648 a47d5b205700b51579a37567ea042460\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 540558 762c93c226fae530690dcec3413ca704\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_mips.deb\n Size/MD5 checksum: 307892 2305a9ba885d163fb034d3c2eebfff1d\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 210318 d1d185b89c793178c01f81f314281562\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 190488 88421875390356e881a0b57a77fcbeec\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 53184 1c0d9f7f4c68cbc0b565786a16ea57ad\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 212748 5b9cb0065fa922da7795872346bb3c86\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 66412 1c050b90b1b2cee69c7bfd21b2f54844\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 54422 fdc65f95e8a0c816d13dcc464f97f9e7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 176778 c5fd5b5a204baa65fd87feac08d8b618\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 71448 fcf181b1b8b01b3a73e0d5799248d467\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 540202 3615ff69350f35cf16efa11e9f8f823f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_mipsel.deb\n Size/MD5 checksum: 306552 cd2607af5dfec51c5f79c44f4f8ce48d\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 187936 7a700e84a8323c4b498abf74b07f9a3d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 163624 a842eadc59733e0e93151c45194e0441\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 48854 6132a3bd9f59c5a25dec2cc05c5494fc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 189016 042dacaf151b42fedae25642e586ab09\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 62216 2b64754367e0f76e46286a15d0a99073\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 48816 396124670d45d841392d02cd8fa584b6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 162306 c5195c88b7235d19bed5a2193df27ca2\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 73426 b2db2165da23bdb6bb11f604a42de3ee\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 490280 7d7173fc921960c344e7c361ed171b51\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_powerpc.deb\n Size/MD5 checksum: 302968 54864290375222f045185e5eba807c21\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 188800 60eca0add1877235d5b16cc63f3f7f69\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 165924 67620cfff8a8c996f445bdbfe1b6a37c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 49786 ddf15bae37b3c510ba7af67574357655\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 190122 3f188c38314486ab4d3e4b70bed870af\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 66582 59decc4c1382843537b3bbc4a3b2736e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 49764 342df1caaa77b7161170a030c15aa5fb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 163954 b43d84a531bc183aa884559d5afb3a26\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 75978 3a627da776f09b85bd592129a55b371e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 452718 4c62d618a8e860a21bbf711146bd6d1d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_s390.deb\n Size/MD5 checksum: 318954 9f458fb9f5c0999d2abe775e1334abea\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 182928 c0d78b3d83903667b098297794383b6b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 172530 478a147848dd071874a69e9f0d1a172e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 49270 2ab2c7f961c126de5c3d05c78329ba60\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 183864 05d03a80121c70cc2cb16afba5ef9f22\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 63882 bdd1e6e64d892b7431ba50f2a11a7982\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 49212 2fa55173cd8fc6cdab2aa1d4f73c73fe\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 159024 c7cad0e11e0f0e7348d2a13b8bb9e70c\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 72746 fe81012f9548d32757192cda42e2ed5a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 462300 ac1ce3b5ab61d00bdff0cc063a7c6afa\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody4_sparc.deb\n Size/MD5 checksum: 300732 465ca13e56998e0082f86489d5c85814\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2003-03-24T00:00:00", "published": "2003-03-24T00:00:00", "id": "DEBIAN:DSA-266-1:FD10A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00049.html", "title": "[SECURITY] [DSA 266-1] New krb5 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:16", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0138"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 273-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMarch 28th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : krb4\nVulnerability : Cryptographic weakness\nProblem-Type : remote\nDebian-specific: no\nCVE Id : CAN-2003-0138\nCERT advisory : VU#623217\n\nA cryptographic weakness in version 4 of the Kerberos protocol allows\nan attacker to use a chosen-plaintext attack to impersonate any\nprincipal in a realm. Additional cryptographic weaknesses in the krb4\nimplementation permit the use of cut-and-paste attacks to fabricate\nkrb4 tickets for unauthorized client principals if triple-DES keys are\nused to key krb4 services. These attacks can subvert a site's entire\nKerberos authentication infrastructure.\n\nFor the stable distribution (woody) this problem has been\nfixed in version 1.1-8-2.3.\n\nFor the old stable distribution (woody) this problem has been\nfixed in version 1.0-2.3.\n\nFor the unstable distribution (sid) this problem has been\nfixed in version 1.2.2-1.\n\nWe recommend that you upgrade your krb4 packages immediately.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 2.2 alias potato\n- ---------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb4/krb4_1.0-2.3.dsc\n Size/MD5 checksum: 810 fdaf474ffbd03bdd501caa5489e979bc\n http://security.debian.org/pool/updates/main/k/krb4/krb4_1.0-2.3.diff.gz\n Size/MD5 checksum: 15369 efe9cf1780a8331bdd9306e5beeb74f8\n http://security.debian.org/pool/updates/main/k/krb4/krb4_1.0.orig.tar.gz\n Size/MD5 checksum: 1383337 847d13e410778af000d9a42d3ad52d04\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.0-2.3_alpha.deb\n Size/MD5 checksum: 209944 0904df77aa333cddebe872e2fd48ef26\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.0-2.3_alpha.deb\n Size/MD5 checksum: 172392 939a37db549aaf96b16466ab84e225b4\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.0-2.3_alpha.deb\n Size/MD5 checksum: 73188 2d8cc33046c48b8eca0bf72cfde4e0f2\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-services_1.0-2.3_alpha.deb\n Size/MD5 checksum: 212774 62a57473ed18f65cf1e4964707589182\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-user_1.0-2.3_alpha.deb\n Size/MD5 checksum: 115322 3c0c8f45fdff0376c2ce0a8f430640bf\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-x11_1.0-2.3_alpha.deb\n Size/MD5 checksum: 69806 2aba5712e6d2986d6b976556d84334a2\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth1_1.0-2.3_alpha.deb\n Size/MD5 checksum: 234456 527ef49d1dd1c02695aba9d1a742da4b\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.0-2.3_arm.deb\n Size/MD5 checksum: 166776 822bc9eb4a3fc4bac819139c18f9352a\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.0-2.3_arm.deb\n Size/MD5 checksum: 135272 f1817bcdca835bc1a1e435bdf138f5ce\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.0-2.3_arm.deb\n Size/MD5 checksum: 59106 dd14e6720f36814a04ab53cbeaa87e7c\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-services_1.0-2.3_arm.deb\n Size/MD5 checksum: 163230 7388184e32e1008beb4e24d5d18eec20\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-user_1.0-2.3_arm.deb\n Size/MD5 checksum: 104462 0549181ef12edbe309777bae6b4950aa\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-x11_1.0-2.3_arm.deb\n Size/MD5 checksum: 55226 06b930494cc76cc30434bc561c9343b2\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth1_1.0-2.3_arm.deb\n Size/MD5 checksum: 212426 8583bf5cf862c0a9bb6aeb4f1ea3b00f\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.0-2.3_i386.deb\n Size/MD5 checksum: 159690 e667fb48d65dfe43ca884036a5b7dd87\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.0-2.3_i386.deb\n Size/MD5 checksum: 126022 ef37e3c5d3850c92cea5acaa5becd48d\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.0-2.3_i386.deb\n Size/MD5 checksum: 59524 8e5cf14c44644e20156f9a1fac32c2de\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-services_1.0-2.3_i386.deb\n Size/MD5 checksum: 159194 1b1c278479283dd3c6568093909b6847\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-user_1.0-2.3_i386.deb\n Size/MD5 checksum: 103828 e69239bed653dae0f82e85b5750f9c91\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-x11_1.0-2.3_i386.deb\n Size/MD5 checksum: 53328 1ffa97db4f868e59dd813c11c4877bed\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth1_1.0-2.3_i386.deb\n Size/MD5 checksum: 209108 5089d02ce167e88b56fc8e6152cc0488\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.0-2.2_m68k.deb\n Size/MD5 checksum: 150592 07fbd55f7cf88b6b6c603422ec1e7412\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.0-2.2_m68k.deb\n Size/MD5 checksum: 121594 3a826fd25ecaaf07872ef785dc181231\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.0-2.2_m68k.deb\n Size/MD5 checksum: 57466 41f409f20c3f2f5b94009ee911c71285\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-services_1.0-2.2_m68k.deb\n Size/MD5 checksum: 150804 f56ca918f26a7459faaa44f043172af8\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-user_1.0-2.2_m68k.deb\n Size/MD5 checksum: 98986 7b4ac50702e0a75161a2b87d3a76d437\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-x11_1.0-2.2_m68k.deb\n Size/MD5 checksum: 51578 44f73b91a6cb02a3a5749708952a39d5\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth1_1.0-2.2_m68k.deb\n Size/MD5 checksum: 207358 a34cc3737b49f42c0ea0e5da5304ce2a\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.0-2.3_sparc.deb\n Size/MD5 checksum: 175938 56fc468f254430aa90a79a748a357e30\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.0-2.3_sparc.deb\n Size/MD5 checksum: 134118 6011b8f4fcc0ea0a0be8476908c873b7\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.0-2.3_sparc.deb\n Size/MD5 checksum: 65596 d51708e0dc2001f4e22eb74118376941\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-services_1.0-2.3_sparc.deb\n Size/MD5 checksum: 174902 baa964f8e2b918ce5ea80a08ead7420e\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-user_1.0-2.3_sparc.deb\n Size/MD5 checksum: 113772 5987bc7a4e67de1cdff689b088a3343e\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-x11_1.0-2.3_sparc.deb\n Size/MD5 checksum: 63272 28e9b8c34fbd3cd13d30bf6ff5a6f887\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth1_1.0-2.3_sparc.deb\n Size/MD5 checksum: 210564 d2a829a27e91764d726bd11b66cd65f8\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb4/krb4_1.1-8-2.3.dsc\n Size/MD5 checksum: 1184 e7e7fbdebbf5d34c319dfa313ced3d07\n http://security.debian.org/pool/updates/main/k/krb4/krb4_1.1-8-2.3.tar.gz\n Size/MD5 checksum: 1841527 ed1777dfbf99d9c1e1f50db614a6cf75\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-docs_1.1-8-2.3_all.deb\n Size/MD5 checksum: 98980 02665cc4cbba9cacc0036bd73892e99b\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-services_1.1-8-2.3_all.deb\n Size/MD5 checksum: 57690 d1730a72b2dcfc316e7616504d83a273\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-user_1.1-8-2.3_all.deb\n Size/MD5 checksum: 57696 9096c3a02eed048481d43fdfe6d487dd\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-x11_1.1-8-2.3_all.deb\n Size/MD5 checksum: 57678 091ab8d3d898c51ce3d42e24bb8d19f0\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth1_1.1-8-2.3_all.deb\n Size/MD5 checksum: 57664 2ca61379d356d4e517395f0ad055729c\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 343598 1c5e28a3cb1ac5ae85f7c4b2ac87be95\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 95202 1a98c1201b24e92fd47833ef77d84e93\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 190190 9e9a1137a0a902840f5745df28cfa05c\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 176540 700582563ceb860556319573c274a3a3\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 132946 fc22a78fba5a83e8a60e338f3a06e6b7\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 69750 792b30a67ad148471f09ed5d27492d54\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 254972 aca99d071962ae3dd61aac9655c990c1\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 75460 c8b2b782b4ff09fdf65dbe0df44c0cde\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 64224 603b14cb8c35c8d48e0df26382387f99\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 69786 d1c0e715236343ecb05a8d39782479df\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 68480 b667b6f7514c666dfbe6c4f6b227ccae\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_alpha.deb\n Size/MD5 checksum: 110400 bf1185aadce949b1f8b3332dd8ec0eed\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 279802 11159ce37b5c83ebc02793330d6c0af2\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 88346 c4aad1833d3af9c33f3dba9633bd4aef\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 164320 6b2d5041159e4d4b15e5629dd13fc96b\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 149652 095f2d2683430cdc4c4b0ae06acd03a1\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 115000 36d47720532809c3db942ebfcf485423\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 67912 70fcf9ddf06ea4e285b806851eb0e2b6\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 210594 fad41c093a7520ea88fce77c1fd0254c\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 71572 d57c27938ba6cfe61a445d29949f69cf\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 64944 dc4dfcdbf71a1fdc076309d755acc881\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 67158 bc5569ac97b7ff3b0b51f472c152b203\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 66678 08741dbb32e15e224f2beb586bb24191\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_arm.deb\n Size/MD5 checksum: 100146 8bcf411e3076371dc1bded522efefbde\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 272026 60e0f3f89efc95c7ca385c2a70322f9f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 86996 fd9e3c49455fc1666e0a6387dc2ff7c3\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 158610 06a092a87d39c4ea77a61d8f97775758\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 143002 c656176e687f6358043223d652abdccd\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 114632 25817aea5e52397db5a583e5fe5fd526\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 67710 27048922c50feb1ebac3c878f89bd651\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 205664 84a8c3c99a18ce332c15e61918cc2cf9\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 71682 3e9f3ad646ee3a4fb35e22706e6395c5\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 63396 0059cfbd9ca52f118d14bb0e5254272d\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 67172 6221bcfa2426a973899d48146ec73d61\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 66524 a34d248f7aee0d7aeb411a62d439c3d2\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_i386.deb\n Size/MD5 checksum: 99116 34f0ba82c3db65c9a1fcb6f052432d5a\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 398222 5fbe82c3341d8318e86ed395ea3f7bda\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 102752 004b4643989513a81e1a0901eaa92c4e\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 199358 de7367767ba400fdb649db466a66d741\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 183520 89ffee7f97e0408dfcc38b8b6a6ba64b\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 138258 7823fcb3a3d2da5dbdfc4666e6d8fa4f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 71834 3ae5d0869b5d355657d6271c5640ff84\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 291770 774ff214241bc2b9e8e4f3be4d6d7555\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 78554 897c4d86d7abdc684640302cede18539\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 66244 8b5074c0f496912a88468fcc4a1a2da8\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 71996 f26ae5a20a8a8b3e55eafc9fb7121293\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 70844 8f33cec98009b5dd931ab17271542f68\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_ia64.deb\n Size/MD5 checksum: 122008 c59d16eae9ab093738f1b6119b20f6bf\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 311594 bf235fbd789258d1af0810546418f4f3\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 92062 66ff24b564832296c38c14bbd77b956e\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 180610 3fdbef18412b2ece5622925f5ab2244f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 167788 31ad309f70c751e208b98df63c50c20c\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 120124 98663a3b772ce341bd48e3d05820282a\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 69272 1ce71ef4b60e8b60bed720da59a77388\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 230992 7e95e40e2df32d89d3b929e205bdc668\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 73434 a078880e1403daf6d2ab8e8ece263600\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 66408 f1b652b482617fe69b610c8286b0f4b8\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 68792 0e969340100b333658e5c6ca8d850f51\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 68296 b29731afecb8beca8496fb8f53aec8a8\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_hppa.deb\n Size/MD5 checksum: 110342 01e8e5975b2746d05dac009a022c9c92\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 262896 e82d1c54e389a32f2184ac2de77f95b8\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 85996 64455ed6139fc9c8dd6e13d8255658ff\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 155416 db2a02c884280635e2c611270458604f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 147030 24862b60fec4c3197b25313c129f5774\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 112734 b4e04cc0023c4a226d88ba7717122de9\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 67430 4033012ea547e7632a95c29e3114b29a\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 198352 0316e989ab9f1c21ef9518cbdf289bdc\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 71222 d965d3b102b84bf262060bda822f145d\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 63308 6f49647bc6415dad9ae3bb076a9fbecb\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 67164 1af2e9ffff48467a4247479134fc30f0\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 66512 6c02988d2860c4a93c08b5f5c43b5684\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_m68k.deb\n Size/MD5 checksum: 99110 0dce872223647d353edc8d5a9d13b167\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 304522 4158ba9807fdd15ab6189c26c683f03c\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 90152 fe859836669f74cc0e667bd5091be01f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 177982 8cfed290fb8f341dfc3d5cecd6a71c04\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 163022 9e8de1b63964fe3d771d466c4d5fca33\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 118328 7ecd8bd377c1506681863007b1406b30\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 68690 32a1a01505d3d54f7b9fa13b84d49f97\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 226192 06ec6d22fd7f6a21467cc0557e60cf79\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 73154 17d08fe86135371f75266aacf0bb86a0\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 64796 246cca06e09be909117204e0964baa1b\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 67546 4c134f4aa971e9b7fe6d8c445c14869c\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 66832 ee91f9692249aab399cc4332c0f7383d\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_mips.deb\n Size/MD5 checksum: 102120 739fda639f8ec8ca21feea31a35981de\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 303678 9295dca045c233f01c3e4fbab9bd2b01\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 90234 b819599add6fa0221b1745dda3f0f266\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 178036 a7907cc2fea0c9de41cb501f76154f83\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 158602 2ec5cd7ce23b3346e66526ea6bdff7c8\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 118690 72882ea15ffd8ae9887938038dcbf4aa\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 68572 eb173a423d8a8cb048a414d5329d08b0\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 225964 27cfcd2155ec86ece3a96c5c5e6a8eea\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 73180 22cd4a442c10bda2de03025faea8d31a\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 64844 f120113ba9187dea31a8751affd11137\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 67520 a7a1684b9dc4dcb3db835b6c57b8f720\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 66802 7f90d164dc55ccf6a84c75c6aa1626c7\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_mipsel.deb\n Size/MD5 checksum: 101844 834aa6dcca8912c39fae65292936e9a8\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 281924 5576501dac218148f7b582b3eb1c8ed8\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 88588 25bf313611aeb62b8ce6ff3a854034b0\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 171022 cb7a9979839c77a7ecb1f8878fad48c6\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 169896 30c97d348a8c4ffb43c7935820a49371\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 115360 e59cff14c004d1ce721f77e4e4d53c1f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 68246 a336c45bb191e38e5f5ca4100fd0e2a9\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 211422 7befa21d54333ad1a801f7751ee3ad1f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 72186 06937bf42e767b9ade24ab8082a22602\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 64688 17bdd318ec6ae319c31360a179763b58\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 67582 dc1d422078b01317c18b9c3d44f803ea\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 66914 b1c1b1b567ac4b4533f5e1ad8d01af93\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_powerpc.deb\n Size/MD5 checksum: 102604 082415cd6e2578df2e011f7f61b0d97c\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 287298 0ecba7449a7cfed934e673a27106ac57\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 90306 3229a4c5eb12db20fc89557d33d84038\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 162804 064a21c5819680e118c6ce2a86b0b277\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 154908 9f5f2ec368c162103a51d66d40409d09\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 117804 eafcb7c0b9661832c32e8d6812820c85\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 68482 6f899735f9f23fd89d7fb2b2302ee546\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 218016 409028784c49384e2fd4be09597fcdee\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 72796 7ca5ad81ecee67bff841934201b9cccf\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 63964 aa074cb76c8313fb75d73374464b3248\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 68040 ea967e4a2c13d1d1de253f63742d34b0\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 67368 678f1a1681626d5f2cf25b01cd3d409b\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_s390.deb\n Size/MD5 checksum: 104340 46f54162cfc98eaf0efcbe0541a6b7e8\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 294032 bbd97f40eed0bb60366415a763c8f102\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 89044 0f106a5571fba53c0ea7964eb24b3579\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 163540 33d4e98c371c66da686ea6431e42ffb6\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 154400 0b9f7bfbdd0fc371c4aebc96a9844e7d\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 115702 a2e89c8cc8ec2be98f0426df04234b10\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 67900 384794d1782b3843d0367e008208927b\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 214988 1a962c6a280b3cc8caaa4d67ce1f321d\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 71774 5352889016e83fd2e5eb2c854fd36257\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 64256 240cc072e3c010798fc32abad3aacd2a\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 67716 93a2728a7009e8814f1c8ea140859390\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 66602 5cc145f67173b4f25d0aab6cdd07f469\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.3_sparc.deb\n Size/MD5 checksum: 102008 1af4cb973e2a20595bf4f6e4eff6a046\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 2, "modified": "2003-03-28T00:00:00", "published": "2003-03-28T00:00:00", "id": "DEBIAN:DSA-273-1:CB48A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00056.html", "title": "[SECURITY] [DSA 273-1] New krb4 packages fix authentication failure", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:36", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0138"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 269-2 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 9th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : heimdal\nVulnerability : Cryptographic weakness\nProblem-Type : remote\nDebian-specific: no\nCVE Id : CAN-2003-0138\nCERT advisory : VU#623217\n\nDue to overzealous applied patches, the security update DSA 269-1\nintroduced problems in some installations, causing the hprop service\nto fail. This is corrected with the update below.\n\nFor completeness, here is the original advisory text:\n\n A cryptographic weakness in version 4 of the Kerberos protocol allows\n an attacker to use a chosen-plaintext attack to impersonate any\n principal in a realm. Additional cryptographic weaknesses in the krb4\n implementation permit the use of cut-and-paste attacks to fabricate\n krb4 tickets for unauthorized client principals if triple-DES keys are\n used to key krb4 services. These attacks can subvert a site's entire\n Kerberos authentication infrastructure.\n\n This version of the heimdal package changes the default behavior and\n disallows cross-realm authentication for Kerberos version 4. Because\n of the fundamental nature of the problem, cross-realm authentication\n in Kerberos version 4 cannot be made secure and sites should avoid its\n use. A new option (--kerberos4-cross-realm) is provided to the kdc \n command to re-enable version 4 cross-realm authentication for those\n sites that must use this functionality but desire the other security\n fixes.\n\nFor the stable distribution (woody) these problems have been\nfixed in version 0.4e-7.woody.8.\n\nThe old stable distribution (potato) is not affected by this problem,\nsince it isn't compiled against kerberos 4.\n\nFor the unstable distribution (sid) the original problem has been\nfixed in version 0.5.2-1 and since it was a new upstream version did\nnot contain the problem mentioned above.\n\nWe recommend that you upgrade your heimdal packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.8.dsc\n Size/MD5 checksum: 1063 eb1a096946a8b4849e8427fd12e9b0d1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.8.diff.gz\n Size/MD5 checksum: 1278807 e176731867977b1fbd7bd56dbaf92811\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz\n Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.8_all.deb\n Size/MD5 checksum: 1055830 b8b2d9d9e5d5d7b8a52ffb9d74c257e1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.8_all.deb\n Size/MD5 checksum: 19798 3b30c8d6ff609efb0abf2c045e6ea715\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 274598 f57ae5abb33228f47e4cacc0f7cc4aed\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 60494 190fbd9cfd8df5163fb8a6b8df5c2d5d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 572396 8044cd4e719c03ee7a0276522f96277f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 132842 5599032e3efb548ab99db19829822738\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 181316 0c2734b118798ccf2cb23b0c6ac58078\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 39346 34b4e81282063e86461cb720e89d2114\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 64878 d251d7c7d9deb06fd73ae17d9dce944a\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 23378 1341781bfbd6d194f5d27311e0590760\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 42816 ba2b6ef3943f45d54708f237b000d0f8\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 41324 9b4cf78174b3edd36d3063eb642378c3\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 33396 f92783557be35e69fcbc3dd0bd17a220\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 44134 2f618aa2b3e7937f5b49bec73687db93\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 30966 7e406feed7425c43e057de138ffe057a\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 132714 664be6d141e207c78462c21f426ae8e0\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 65426 c0e9ed3a1097a4e278f41ef276d25ec5\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 58784 a28d5cd3167fbf82b0823ab9dff22082\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 28012 bc8bb8c8c01c1e94fb81853014529465\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_alpha.deb\n Size/MD5 checksum: 28908 548b25a4c941c3bb85182a8991c51ae6\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 226578 e4431ceb5876f265042f83df6b98b9cb\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 53452 791edbef0c424f033f49b91e6ebad387\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 440128 631560e5aa8d4ae0a78a061ee3274fdf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 107768 9e392554100f84e9a7bdd263c8217653\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 147558 3ad3e6df9ade10fb619e5d73a14856d2\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 35024 35960aa8cb54330ea551289ac99be426\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 56452 66ee32e304d220478a71019db763b853\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 22902 3935be7f1fc0c87d465104b7897437cd\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 38074 494ef673df89d89cdc15c1c22439858f\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 37716 86d2751a67d58b0c4d3ed877ceef547d\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 31330 1728b698ba48463e8ffc3fbdaa24c622\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 39436 4907557167b9387fb6e38e24f67b06f6\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 29320 a599227ed07ed0bd2c80dc2900053078\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 111618 3571041494af214acb6ba2d74541ce5f\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 51446 54b33cd311d5f9ebf7c2e2078575e238\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 52900 ce8c006d6be7c65b28d8d294a7b9181d\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 28402 0fb819e831fb4295826490860cc6aecc\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_arm.deb\n Size/MD5 checksum: 29124 b82202313f0197b90dbb2c905796fc90\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 219452 4212096d96e38e287809590ef3164dc3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 52180 11ec81df5e202b8ee8cc59d2c440c347\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 404108 170a14a274a7cfe0993a3cca86190446\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 107708 470b9750707096c53304e3547499e66b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 143826 d4a052d3e2d7ba1340fc41ad1fb9d6a9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 35162 9589c80dcbe7fb4f9219dd47dce6744d\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 59176 b959c12d46b39ea8c1bf173a98e9b022\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 22784 6ee36cef4ff24d9e999b740be62616ae\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 38168 239598a245e94c3460c086186d9bd528\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 38056 df0067cf142305a4327f22efa8dced60\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 31558 a5a439528e31782176ed00517e39d2c1\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 39518 e8fea4d756811d8032285568c03ec582\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 29200 609f7bc06131990722278b3d00e886d9\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 110452 69fdb385d34d6b5fce6e433d3421ea36\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 51306 3d24adecfe5e11f897ff0fd7d89a295f\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 51180 5585f530ac30155417f8a130a6226945\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 26988 ff106cf951f6ef1f933af1b7832a0af8\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_i386.deb\n Size/MD5 checksum: 27710 7bc0b0154428e96155126867ff6302cc\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 334450 cad18174593addd5c8dbbc29b45a0d62\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 68586 744c3b9a66d116fe4bc5477bbccc2db9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 611828 13500b5b6ded9c170a5047190a8a9a3e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 151058 bdd9b75b878717ac8fcf4c44da6ecc6a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 210114 46a32a401d893847edb58e8d6390b6dc\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 43720 695600a2aa626aa0c2371b837aa0b4e5\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 81466 d60a3cc1689f6312dd420fa848ee027d\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 24270 bbb660164d5c8a1d4f1ca811587e31fb\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 49670 961ac7ab8b2748da999e47a05749da1b\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 48068 7795f6d76a036b83e0102f3e86c78321\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 37238 44476db6a795917fffe54be969603334\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 51612 3849497c5920817acfc1dce96040c505\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 34746 3006ab51fd09e31680c96e9dcab175b0\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 168652 63c31c43f7679dee686e8187e7bb2a6f\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 64388 dfb91dc66f2c5fd9948374e472fb3fcf\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 68160 b37fb4b9a15c3c79158bd6c2b3df4ad8\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 30204 b466a4b6db3ccf24b5edeb6b18a9c3bb\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_ia64.deb\n Size/MD5 checksum: 31422 e9d2a9a4872be3cad58ac570d9600b38\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 256248 5bb04b58da769a78f9f56c7990a942ed\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 56932 4737f206230a5b2811eafa7cdfb7fcaa\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 514716 9d5d34f32d5f41f724b5a8a4e936e961\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 116960 b970828c1858a63d5f92db3b1a5a5659\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 162538 46a34ac1f399bc87b3641d24baaa56f4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 37276 9c051d5b7e8bd195f8861a0f89ed284f\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 68754 c693184716631f8efb7654296b8c8082\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 23422 285d310c161a48ba849ff18c1a08d517\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 41672 542bd130bc93468cb2d7b4350287b863\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 42972 990e32534df82150dd821b7703b4de24\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 33862 40807252144a63fdba2b5a7abed0ca57\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 44596 121e120d2a70c200451faea011cb41ce\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 31546 dd9bacdcf6532ba55b0769494d604315\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 138912 0f7408f351a16a6d9c47d3f2ac439e43\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 69682 135135f41b3eec70c8ebf0bff0661706\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 60042 a2e86ddf02419f90a1bb0e349e8cbba7\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 30272 815e529902b1ba90f3530b57ef44cb9c\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_hppa.deb\n Size/MD5 checksum: 31140 da42ee69da21d582f4810fab6942a7c6\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 211308 4497240159452a8dfe753c359d2d0be5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 51680 9f5f397b91f5a35ea145a028bfe83460\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 398666 94f5b727acc91bbcbc8320397f301751\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 103424 48fbccd8bf5a408ce768812f24e6e7b3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 137850 6e230fd8d978dbb66bbf07b1f1355857\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 34654 0c098104757d36124b7596c51ca57380\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 54866 698fa0ced8b3b43fb90b403b26bd2f6a\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 22912 c806f2a9687a0505df72b6d2f708ba3e\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 37690 2daa388eb7b62f94c9378ab369a7cbf0\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 37410 2e663ac09f10c1471d5e93bbc3bbb8bf\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 31198 362d6a3426d1b8baa8f2f79ffe64ea6a\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 39308 c2547c9c94256aac900f5cebdef8e9fe\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 28918 8ca6369f7814b6afc701fa5ff2845ee1\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 110296 b4d53bbfac5a58625299813523d6eac6\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 68216 16002ba1de4e2a1965f9c0ff8cb0311d\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 49454 62a2bfaa9a3756c60c2f1d0c92703dc3\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 26950 045ddb1bbbe55f356808b3493abe22aa\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_m68k.deb\n Size/MD5 checksum: 27688 8e4755bdf5597c73524da27c1f7539bd\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 248292 808c64466e6fdc7a9af1e26426571088\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 55048 c3c3b2d3f288b0f8ea58f07af21698a9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 503888 3066049efba72de799ee0f5ee87b6b48\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 112570 d7a26f5579aa569148ca566745932772\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 159708 5acca12ef2a09cf550a11ad408101c90\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 36862 71cf27088575b8e8a0ab6ed39d48c078\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 57728 9e5743c8eb124c9074ad5286a4f1e904\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 23066 89d4f42999efa294803e9d4b0c0013db\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 39014 b1fc51a93bed07f5cf9408e98f41d26e\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 38464 b635fdbe8e7b5a5c16d14df87ceb9847\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 31604 82529cd615e1e901f94c839a17956b05\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 40162 622bac439eed0ff8a765d530a962ed1c\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 29862 4aa6a3e79fa2f96cca2c23bf9aa9a4f4\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 119724 db7bc573b9e14c3913983b460d52daba\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 56956 c57a0865a98db2d876bbd6397bc11d7a\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 52820 59e173e8623774b4a112834d9491b852\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 28002 c047a74094e2f2836321cec946c3539b\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_mips.deb\n Size/MD5 checksum: 28668 6759c46e372872a5d913c90304d307a1\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 247492 6fa8197583e5f6a8831dfd81dcf66f19\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 55042 97016687ea645d3695b3c6daa2bed745\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 498446 f86d2e6e202d3d2b23fc09c664bac16a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 112576 df81490055f99c7e4603cac0d7e69655\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 159842 751ecd049b39b4b3d867f91c12d80e21\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 36802 a50d81e2d158825f542c3b6b4820449c\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 57342 d1c78ec16ba06c58f242916da6c3de7f\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 23082 aa664a89811f25fc679c9806ab724020\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 38712 c46b56da5597cf91ab39e06d4afb4217\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 38188 e23dd66cdb1d2f2461b83cade1e495db\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 31526 62965057df6a86e09f6e6603c8406a1b\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 39816 c3bdb8e5fe177bca41570af178c547cd\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 29848 ba4c38273c45b077ad8ec091c2590741\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 118638 e237b0abc9bac735ecf7685f55dc244d\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 52176 47f87125e79a23786f2721b97ad5c8b9\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 52900 724b8887b0240a8c076be9afb17cd01c\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 28084 4af24aec17fd98faecf3595029aada57\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_mipsel.deb\n Size/MD5 checksum: 28764 2c4b72b6212b135c6e3c65a554a5063c\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 227700 26e570c7270d061e142e1a982ee4949d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 53378 92b8dcaa41c7094798bee1b70791e6d0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 465098 f6787885837a7acf52fa02e625dcd82c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 107798 dbbcaca2307536549ce862f510e209e1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 148810 e7d5cb11e8616e6c0443b423c5c6cc25\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 35708 e747fab2eca4590b9e7bf8927b67f983\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 56516 bc43420fc316c1e4c099c9cd9a8a3c27\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 23070 5772fc368588057201cd0e9c28a007ae\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 38852 0af817fbf6ae9f78ead425c2be1fb7ad\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 38080 dbab40de873d11f49fb92738fe2b600f\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 31274 69c1ed3a1b8534e39451e2be29b5d5c8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 39572 d6180df9847dc02461c4a42c4707315f\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 29732 90b94b4a928a49f1554beef2cbf2ea82\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 117910 39ce8a0892aa9ac17e9132059d2782ec\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 68886 d10228835d326bace6453457cc577b9d\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 53308 a90a44a5c4bb8482ac86c83d326aabfe\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 28218 e9e550565c23dc38495422d00819ecdb\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_powerpc.deb\n Size/MD5 checksum: 29036 64ec2157a94e6df453204239a6ca32d5\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 234388 61d32afba88301c3a6424e18069bc9b1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 55190 96b5f8b364f617e4b0bab3f26fe62d24\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 431960 9290c696d94ecb080da8451dcf447b81\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 113736 342119f1e0888b754312b9d4b76b32a4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 153382 46b442798bebd3a0df82b1a9299f8177\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 36462 646dfdc3d12baa0903fa9894c662153f\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 57716 3e97aa9194534239f191183cbefe1648\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 23156 64848262aa482e64ba2d612508a6975e\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 40570 95c7ec1c2ad2b243bb96a5ce0ee594b6\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 39282 b8a236a273f2807fea97907da1df9fc4\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 32520 93bec302f646d06470b9e975f48e203e\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 41312 ee2cc250078dea7d94823baeefb1eae8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 29876 821b7d97c56f217e9b47fcbb8ac979d2\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 124388 93f3f0ccc727268ce2d25e6aedff85ce\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 69030 b5cd8f4950f67ccdb4c004536f66042f\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 54098 e08ed55d84adc8ad48e65fa44e6a2040\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 28176 125952b085d8129eea3a8372c9d49bef\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_s390.deb\n Size/MD5 checksum: 28994 d1dc8c4050e5eda0cb1adff97cf8c1fd\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 226626 8a39e15d49053d4dd901fa40d3fd6f73\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 53520 f290da11551e2a190ef14ee6cc9adbd0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 429262 d7e37cf1a23b15cb1b2e36179a2f9652\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 106324 b46749820dfe22a9a2a7a25f5614d7a1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 151104 62ae87820bb6a9b81323065c4969eab8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 35130 733bd83bc8c0c8ede088d9c7dd44ec49\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 54208 dddeb6782ccefd941f104a5a22bca7ee\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 25750 a442c62474c76a7bf29a9ad8c76d91ec\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 38594 b3a835c44ac84e5fdf26887a445f41b1\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 37444 f03842c4a82ae61a9fe11cc4c93e176b\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 31228 f1ac0609d1acfc794d5eca4215a9cdf2\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 39294 e4df47c0d8418cc8b3e7a3e50b7be183\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 29190 9d3cd2d227d56b4f9ddfd9f167a08d25\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 111494 abff86f14218d5bc7241b4f30cf103cf\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 57822 57ec367979eac8b271e96eb44c383403\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 54934 2ae2bde31af3397f9dc54d427c206144\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 27744 3585e15012e1f7278dde4a4abb13279a\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.8_sparc.deb\n Size/MD5 checksum: 28442 6c0d97b5fe7e54c78c1a93243b1a2fcc\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 2, "modified": "2003-04-09T00:00:00", "published": "2003-04-09T00:00:00", "id": "DEBIAN:DSA-269-2:C9170", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00068.html", "title": "[SECURITY] [DSA 269-2] New heimdal packages fix authentication failure", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:53", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0138"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 269-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMarch 26th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : heimdal\nVulnerability : Cryptographic weakness\nProblem-Type : remote\nDebian-specific: no\nCVE Id : CAN-2003-0138\nCERT advisory : VU#623217\n\nA cryptographic weakness in version 4 of the Kerberos protocol allows\nan attacker to use a chosen-plaintext attack to impersonate any\nprincipal in a realm. Additional cryptographic weaknesses in the krb4\nimplementation permit the use of cut-and-paste attacks to fabricate\nkrb4 tickets for unauthorized client principals if triple-DES keys are\nused to key krb4 services. These attacks can subvert a site's entire\nKerberos authentication infrastructure.\n\nThis version of the heimdal package changes the default behavior and\ndisallows cross-realm authentication for Kerberos version 4. Because\nof the fundamental nature of the problem, cross-realm authentication\nin Kerberos version 4 cannot be made secure and sites should avoid its\nuse. A new option (--kerberos4-cross-realm) is provided to the kdc \ncommand to re-enable version 4 cross-realm authentication for those\nsites that must use this functionality but desire the other security\nfixes.\n\nFor the stable distribution (woody) this problem has been\nfixed in version 0.4e-7.woody.6\n\nThe old stable distribution (potato) is not affected by this problem,\nsince it isn't compiled against kerberos 4.\n\nFor the unstable distribution (sid) this problem has been\nfixed in version 0.5.2-1.\n\nWe recommend that you upgrade your heimdal packages imediately.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.6.dsc\n Size/MD5 checksum: 1063 f925f5c81bef908a62366670f311511e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.6.diff.gz\n Size/MD5 checksum: 1278560 ea0268363a4b9a986fc731ac64367948\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz\n Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.6_all.deb\n Size/MD5 checksum: 1055480 e22766e034934ac5b6664468d1bd39c4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.6_all.deb\n Size/MD5 checksum: 19456 3be2de9ba824fd90ec6f0df606e9d716\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 274250 38719c545872e901bd7eeb9dad9d0b80\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 60170 f5476c57a24af3c4ef9124bdc7908178\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 572102 a407490c744a95276ff8863672c44dbb\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 132516 bac7e612f0d73d341a2a1fa5364051ae\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 180996 554ac920d68041805185a036b9013e9c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 39004 2795b39db81ef82f66d98ffc37a15466\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 64542 699a4851fb0380eece24913650cc72ba\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 23036 5502e63afbb41f53707344f59901b5f7\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 42446 270c023c95cadd077bd2255c4b25a7b4\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 40994 4d6d2e9b23beacf3d8c1c4395ac5e16c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 33060 3b12fb6be9e48a8c50e9e6b494337edf\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 43792 435f11b8c7800f038a0b4db1bd5facc7\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 30624 2da813aa5ed886718678bdb799f16c84\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 132428 cced2d8cc749730085be706ee025567b\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 65086 718e1326ff688900b1f8603a1edcc9f6\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 58446 d5a34a15b6480d9cf82be0e27020c786\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 27676 04bc8fd64130b22159181d723e4c429a\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_alpha.deb\n Size/MD5 checksum: 28568 643282ff65bdf5ca6bdb3183345df674\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 226242 be84aac4447215f9ad294e806540b76b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 53106 9862681a9890c86e0e32267457235795\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 439782 a0f8e6d3952b59ebea897ad91548161e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 107414 42b04878fd015852d611380347cc3e65\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 147202 6e4609eda77fa1869113aaa9123fd20e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 34684 9f305e8abe21394de4b843909a17453e\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 56118 c8da1759783b5fbbe00432c61b98f735\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 22558 391253425bcc712cada19a00c4a1dacd\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 37740 7596b2a105baee7fbf5e57613561835b\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 37384 a9285434c5aebbea9dacd29cbd7e22d3\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 30986 e9f3d0252bc256c17b49d75a88eed409\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 39092 b3234cdf1f79245a61ca2b318b527fe7\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 28976 3a6e73b73fc36d1e063c28d3044a43ec\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 111298 59058fa2830a65d235fcaa8c1e616942\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 51108 fe2ac3b1c94f0a46fa33012da6545c36\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 52560 df744ee210bb52c0d4a8a484f15c3b45\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 28066 e438c802ed2356c8ef23e3c105aff43b\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_arm.deb\n Size/MD5 checksum: 28778 b7b3355b835f97cca91e131f55aa31be\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 219116 7eeac1ae25acf012059dc795209cd85c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 51836 d1eec9686a86cb047a8be0458d1d850b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 403804 3e00d69cb5ef02b959ad0655ae4c216c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 107366 8b17aa8d55f597ad24138b4cdcc16ebb\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 143480 7577a5b0af42866fd152a843620b4aa9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 34812 ddbf3e482dfe6b352543ffc2cb8ee18b\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 58834 8347db1e1fa1c4ed559b08ebdfa8402f\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 22456 05548c34f48961848b32a533966855bd\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 37824 5863bf3025f559bec2570f6bcddaa2cc\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 37714 c494bf1832ada7ac8e08b212e085a0f5\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 31214 dd6bbe486b383dc7dad061fdcfec6d22\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 39180 9c659e1ea4a23a911ca35627ccd12986\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 28854 a65312cc116e3d51ffd84ce511080167\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 110104 726a1c8b679a0b987b63b9110d1f6274\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 50960 19aa54ae8006a0668602ad1432d3db3a\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 50842 44c8b0f28e0c0ef5598b3f5ba0b47812\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 26650 13bde028500c0552e9b86fbb76d6240f\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_i386.deb\n Size/MD5 checksum: 27370 9f0e015b290741c1451e08a410ed6f48\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 334112 848b475e5cafeb267615006df3c91930\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 68250 aa0792b76af92176703e5860fcb44a27\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 611470 d2130ceb8465652c3931a41c56db1e0c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 150722 2d51a3c7dd898059ffb300046f8cfe26\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 209774 07bf7b1004258371ccf9c9c6ce0c6f6d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 43370 9f87472cfb8f75b3d2e47dbb2c40f152\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 81120 8eeb26f9f0fb8d18d2745dfeede6e105\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 23918 0888b383a1c7b4d92a72d0c2b5decf2f\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 49334 d85f97f20f2b5a333f5e83e3877e9fc8\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 47724 f2a709974e7ae87b4be10a978042af7b\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 36898 50e0a21641fec9e03bdf643fc2c6878b\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 51274 ceefc3d6d0f592bbd27289a682e18dd8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 34406 b4f0b5a864674654eed21193d2909ee8\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 168314 1e80092754a4d52519ea578772d2f770\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 64050 d2e0f928f3d7b1cd63741a07f8648627\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 67794 4afe97ccc8b616016834e655bdad3dad\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 29854 8a70cba7f0208d850ba14f4fdfd53ab9\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_ia64.deb\n Size/MD5 checksum: 31078 86feed745e9d4079a18686e841723eb1\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 255884 40e64f84ee477966d7b877af3e71c705\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 56592 1215675a1062e3f5cef0e62abfd95feb\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 514436 3126a6d876f51fcfd59c8ded287054b8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 116568 760ee427ed36d515e519293fc2ff8e75\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 162206 e82ff6c866fc4aa8ae84d88b86564678\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 36938 fa7c5e29c5f523448b922e1a374963d3\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 68418 ce03534bb9d758cd40e714a7049d2a22\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 23092 d83724ea393addc7069b75220f5f31f7\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 41344 e6ca5cfb44016e6672ef0a948f50bff7\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 42628 837315eacb47b98ca4fd2682bc1a8f2d\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 33526 88954c1ee9b9d0174bcf04cfa13b2cb1\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 44270 a6e6f725715a596c84a106dd6322d4ea\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 31202 13f8562b252453435b2e1bce345d2147\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 138576 7e2a7290519deb0d8063a41a12e76a65\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 69342 b54ae110a0058a40af21ef0ffa337ae7\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 59710 98be32afbdbc0028355d695566e824e6\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 29934 8a70997f0d3b89135e8ee4c9bc454d7d\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_hppa.deb\n Size/MD5 checksum: 30796 cc51ebf5ea75e7cd3c495ebd9a767211\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 210932 61e89c51541352f8871221286c1a4eff\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 51340 0aa51c7baec8ff74d2a86b36e781d444\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 398072 9f685c4da486bf67052c20cb9dc15240\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 103088 64eb1013bd04cdafaabdec2a69c455bb\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 137492 0b3ee1cd464fc3aa2a37347f07052a17\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 34304 df1ed57bf3c89077d94a70086bba31bd\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 54520 e7c9431e5eb6a661f1cb691acb174a81\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 22576 5392e76d32f929e8a889dcecc64fe308\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 37350 0fa900de7624cce315bde937198d70b6\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 37062 a760c51e862afaf6343d2794a5e20570\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 30846 579963bcda4e2d003ae3d6d99b452e0d\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 38972 c1835380a56bda5d6410044a299705fe\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 28578 c6bad9f552f9e14532a27c8df59e69f3\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 109964 46671dee261da87f6d435226e1f972a1\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 67872 a62eacade584f84eac321492ad5c5ddf\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 49108 6abd8f23e75453a86770fc9b5c0d625e\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 26610 0871630b91ea2bee2ed1f8c27083997f\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_m68k.deb\n Size/MD5 checksum: 27342 95e8207b1c9e8d5329e0b2fbd94de2c8\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 247956 c07535234ec140cd2ae4ca8c9091f295\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 54704 5ebccdc079274fae3ee6db0af78c346a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 503528 d891bf79734cd7165bc2e4f02fe9e509\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 112242 e9cf0f2fc3954faccdcfdc85525663fa\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 159374 db1333248cde2e52cf4d050289266c4e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 36526 ab25f65e290e7e6e8c730aa97fa50e96\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 57392 1f3df0b8f0f70c02dce8b5d7b0dc9a88\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 22730 6a410793bcf3270f0af0dcabe31bf76a\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 38678 fb646bb9684c6f988983b57037363842\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 38126 54b602ec6f423e0b1d159d7a0a8421d7\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 31266 49583168ef19447983c7685fe59ffe20\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 39822 e1218bbbcd931400fc3cecbc4cde9274\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 29512 51d2d85134f757049a75fdb9d5690303\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 119378 7f7d311b81830debd1523cefd9792e1e\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 56612 3a078a7ba3857bfbef1cd0c49f92b06d\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 52492 905c3ff0390090d8095c278cb2a800b8\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 27666 04e34a12fe8ae0494802d291a4e8ceea\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_mips.deb\n Size/MD5 checksum: 28334 e14c0fbc9d73e521095ea017a54c6074\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 247124 fd7f6edce06b284b40a0596ae1e9b1bb\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 54696 0d66a17e1f48d729d570bb15a3d1b71a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 498122 3f16388855fc9c61b3b2911094a0428c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 112244 f3a09328d97fb258710908122a975bf9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 159512 428419bf32b5ddaa74f4ccf496276f1b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 36462 f118d78c93621f8c8b47d9f06e47e2e1\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 57002 6e18645484eb00362697f0ed3b460985\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 22744 c696f65c8fed2acd291e66ebedfc7a4b\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 38378 5bbf508ae994d08fd12f6feff98357cf\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 37850 f58cc2da67a1e180ba98cffa739cb05a\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 31188 d6e3efd6404c319edf56eb269bdf12aa\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 39482 a4ec6e45b826ef1ad87d48ad45f85391\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 29506 5c5b978306d0d624795dcc5eb2e38c90\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 118324 0016da756ebd700c201518e52de21232\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 51836 860b5e75aeb7c3e055178713532b7a3c\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 52552 c707c90b1f6d94caad3822f23beff7b5\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 27744 23539afa856409b4618358b704cf8c23\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_mipsel.deb\n Size/MD5 checksum: 28414 95c1830759bb94adf9c4ed96ff58ed29\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 227356 9760d542d55b808f0d13232214c5e7f5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 53024 14d4e5909e748f49202eb9347dc904c4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 464790 fd05ebaea3d8df2b65512a8e6df629e4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 107464 356a8c2184eb8ff87ce2cd07c8201e37\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 148484 918a9c586a80a88436ef357133017046\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 35374 a342060cae9080dfb45ce7828bdd2748\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 56172 1c3689acea3474c7a26783cc1ec96a0e\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 22724 3951713a2c70221a1174288397bc399a\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 38508 96b3617a95ab3cf77f7377d2b1f3f221\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 37738 bb6d4f877214a594cad0928da4ba4324\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 30928 67b9b2d280062dcdb597118e76220d96\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 39228 e4805d95392da1583d4add151f0707e7\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 29384 d6eb821366fad2b2956b07fcbb02c123\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 117570 122d41bf2ca3db75fe22d5377d73778e\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 68542 67cfdd491166da07a8a67ab41c5613af\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 52958 a2d36adee4c52f1be57f2d42be507639\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 27878 45141368fbb964cf62cd47bb0c2a0e1b\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_powerpc.deb\n Size/MD5 checksum: 28698 9da0ffe69acce1610a721923d5330cbc\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 234062 b7b6fdf5eb72a760d5f40bb314fb90a9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 54844 1f796d6a0da0e159e9b05c50847cd146\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 431652 a53928e8e361065dd30d1b4af749e055\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 113400 44d66bf28805050769b72fb023453cb8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 153050 045fdd8ac77941269b13feeaf8d41b76\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 36116 962ce5f4f3ab6b5e70198357a93b9917\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 57362 e8d61f748f3626beeee0b23b04a07ef9\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 22806 a785d4cd07a0d5c301901dcb0f204447\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 40220 0455c3d2b8f20fb835cd7e498e00f740\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 38940 f45e107e7d691c0749c2a45fdd98a8f6\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 32168 a7cdeaa490d8fb7191f51ad7f772fa5a\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 40964 bc228b1c6b56933bb04d967ca7b17132\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 29534 5e5bc938c967c1a4d1d645ed8c948f61\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 124040 c7e8c3a7d9764c53c489abc4eef399d2\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 68686 c7f77b615c47c3a6bc4ad846c1f62c6d\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 53756 2d7fce8e443144417822b89d8c92e914\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 27834 8c717d9e3fd51a5dc0de25bfc28316f5\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_s390.deb\n Size/MD5 checksum: 28646 ebe75504e0eac71895450f55565fcb44\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 226260 9a44ca68c7e3675add2ef68493bc2805\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 53166 3d67a4070f9cdb7a07314ce0fee1d8f6\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 428830 f3faf1824b6b9c472874503bd1c36d7a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 105974 adeb859e4398de7c4cc36225488eac7a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 150986 be37069db997ca97b5de31df4d371241\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 34784 265163550b79a0459606c32a7e9838eb\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 53882 9fd24f6765869edeb27312f4c6539309\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 25410 3fb84478a548a6ed479e5f87d9c58d29\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 38248 e1b3a3e5592c7ccd9a8a46993141749b\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 37104 247dec82188ed5ee0c3e79f49d3ac596\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 30886 a2de1bb1ceaf473d1d1fdb625223812b\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 38948 2696531208db39e57a230a6dd9becca0\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 28842 9fcf4c056096551dbe0bf3636d0b70af\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 111132 fd781d25dea7c3a2c373ff9091d81917\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 57486 bff08d70d3549a7a7bac48c8a8e1bfd8\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 54584 07871051083f6ecec40fa126da55e199\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 27402 788bb1dd11a461972ebb17e292d61d93\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.6_sparc.deb\n Size/MD5 checksum: 28098 b96aa8c87607c1252a1c547e6ce53097\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 2, "modified": "2003-03-26T00:00:00", "published": "2003-03-26T00:00:00", "id": "DEBIAN:DSA-269-1:F107E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00052.html", "title": "[SECURITY] [DSA 269-1] New heimdal packages fix authentication failure", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cisco": [{"lastseen": "2020-12-24T11:42:14", "bulletinFamily": "software", "cvelist": ["CVE-2004-0642", "CVE-2004-0643", "CVE-2004-0644", "CVE-2004-0772"], "description": "", "modified": "2004-08-31T18:30:00", "published": "2004-08-31T18:30:00", "id": "CISCO-SA-20040831-KRB5", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040831-krb5", "type": "cisco", "title": "Vulnerabilities in Kerberos 5 Implementation", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:35:13", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0643", "CVE-2004-0642", "CVE-2004-0772"], "description": "\nAn advisory published by the MIT Kerberos team says:\n\nThe MIT Kerberos 5 implementation's Key Distribution Center\n\t (KDC) program contains a double-free vulnerability that\n\t potentially allows a remote attacker to execute arbitrary code.\n\t Compromise of a KDC host compromises the security of the entire\n\t authentication realm served by the KDC. Additionally, double-free\n\t vulnerabilities exist in MIT Kerberos 5 library code, making\n\t client programs and application servers vulnerable.\n\nDouble-free vulnerabilities of this type are not believed to be\n\t exploitable for code execution on FreeBSD systems. However,\n\t the potential for other ill effects may exist.\n", "edition": 4, "modified": "2004-08-31T00:00:00", "published": "2004-08-31T00:00:00", "id": "86A98B57-FB8E-11D8-9343-000A95BC6FAE", "href": "https://vuxml.freebsd.org/freebsd/86a98b57-fb8e-11d8-9343-000a95bc6fae.html", "title": "krb5 -- double-free vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:14", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0644"], "description": "\nAn advisory published by the MIT Kerberos team says:\n\nThe ASN.1 decoder library in the MIT Kerberos 5 distribution\n\t is vulnerable to a denial-of-service attack causing an infinite\n\t loop in the decoder. The KDC is vulnerable to this attack.\nAn unauthenticated remote attacker can cause a KDC or application\n\t server to hang inside an infinite loop.\nAn attacker impersonating a legitimate KDC or application\n\t server may cause a client program to hang inside an infinite\n\t loop.\n\n", "edition": 4, "modified": "2004-08-31T00:00:00", "published": "2004-08-31T00:00:00", "id": "BD60922B-FB8D-11D8-A13E-000A95BC6FAE", "href": "https://vuxml.freebsd.org/freebsd/bd60922b-fb8d-11d8-a13e-000a95bc6fae.html", "title": "krb5 -- ASN.1 decoder denial-of-service vulnerability", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2020-09-18T20:43:47", "bulletinFamily": "info", "cvelist": ["CVE-2004-0642", "CVE-2004-0772"], "description": "### Overview \n\nThe MIT Kerberos 5 library does not securely deallocate heap memory when decoding ASN.1 structures, resulting in double-free vulnerabilities. An unauthenticated, remote attacker could execute arbitrary code on a KDC server, which could compromise an entire Kerberos realm. An attacker may also be able to execute arbitrary code on Kerberos clients, or cause a denial of service on KDCs or clients.\n\n### Description \n\nAs described on the [MIT Kerberos web site: ](<http://web.mit.edu/kerberos/www/#what_is>)\"Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.\" MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions.\n\nKerberos 5 protocol messages are defined using Abstract Syntax Notation One (ASN.1). When ASN.1 decoding functions in the MIT Kerberos 5 library handle error conditions, the functions `free()` a memory reference and return the reference to the calling function. In some cases, error handling code in the calling functions may `free()` the memory reference again, resulting in a double-free vulnerability. [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>) explains in more detail: \n \n`In the MIT krb5 library, in all releases up to and including \nkrb5-1.3.4, ASN.1 decoder functions and their callers do not use a \nconsistent set of memory management conventions. The callers expect \nthe decoders to allocate memory. The callers typically have \nerror-handling code which frees memory allocated by the ASN.1 decoders \nif pointers to the allocated memory are non-null. Upon encountering \nerror conditions, the ASN.1 decoders themselves free memory which they \nhave allocated, but do not null the corresponding pointers. When some \nlibrary functions receive errors from the ASN.1 decoders, they attempt \nto pass the non-null pointer (which points to freed memory) to free(),` \n`causing a double-free.` \nThe MIT Kerberos 5 KDC is affected by a specific variant of this type of double-free condition. From [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>): \n \n`In all releases of MIT krb5 up to and including krb5-1.3.4, cleanup \ncode in the KDC frees memory returned by ASN.1 decoders. This cleanup \ncode only frees memory pointed to by non-null pointers, but if an \nASN.1 decoder returns an error, the cleanup code will free memory \npreviously freed by the decoder.` \nThe double-free conditions occur in the MIT Kerberos 5 library and affect the KDC and Kerberos clients. \n \n--- \n \n### Impact \n\nAn unauthenticated, remote attacker could execute arbitrary code on a KDC server. This could allow an attacker to gain the master secret for a Kerberos realm, leading to compromise of the entire realm. An attacker who is able to impersonate a KDC or application server may be able to execute arbitrary code on Kerberos clients. An attacker may also be able to crash a KDC or client, causing a denial of service. \n \n--- \n \n### Solution \n\n**Apply a patch** \nApply the appropriate patch(es) referenced in [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt>) or specified by your vendor. \n \n**Upgrade** \n \nAccording to [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt>), \"The upcoming [krb5-1.3.5](<http://web.mit.edu/kerberos/www/krb5-1.3/>) release will contain fixes for these problems.\" \n \n--- \n \n \n**Restrict access** \n \nDepending on network architecture, it may be practical to restrict access to KDC servers (88/udp) from untrusted networks such as the Internet. Due to network application requirements, it may be possible, but less practical, to limit access from Kerberos clients to trusted KDC and application servers. While these workarounds will help to limit the source of attacks, they will not prevent attacks from trusted hosts or networks or attackers who can successfully spoof their source addresses. \n \n--- \n \n### Vendor Information\n\n795632\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Apple Computer Inc. __ Affected\n\nNotified: July 21, 2004 Updated: May 10, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThis is fixed in Security Update 2004-12-02, and further information is available from <http://docs.info.apple.com/article.html?artnum=61798>.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Debian __ Affected\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see [DSA-543](<http://www.debian.org/security/2004/dsa-543>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Fedora Legacy Project __ Affected\n\nUpdated: September 03, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see [FEDORA-2004-276](<http://www.redhat.com/archives/fedora-announce-list/2004-August/msg00030.html>) (Fedora Core 1) and [FEDORA-2004-277](<http://www.redhat.com/archives/fedora-announce-list/2004-August/msg00031.html>) (Fedora Core 2).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### MIT Kerberos Development Team __ Affected\n\nUpdated: September 01, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### MandrakeSoft __ Affected\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see [MDKSA-2004:088](<http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:088>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Red Hat Inc. __ Affected\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nNew krb5 packages are now available along with our advisory at the URLs below and by using the Red Hat Network 'up2date' tool. Please note that Red Hat Enterprise Linux 3 contained a fix for VU#350792 (CAN-2004-0772) from release, and for Red Hat Enterprise Linux 2.1 users this issue was fixed in a previous update, [RHSA-2003:052](<https://rhn.redhat.com/errata/RHSA-2003-052.html>).\n\n \n<http://rhn.redhat.com/errata/RHSA-2004-448.html> \n<http://rhn.redhat.com/errata/RHSA-2004-350.html>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Trustix Secure Linux __ Affected\n\nUpdated: September 03, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see [TSL-2004-0045](<http://www.trustix.net/errata/2004/0045/>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Cisco Systems Inc. Not Affected\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### CyberSafe __ Not Affected\n\nUpdated: September 02, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nThe CyberSafe products listed below are not vulnerable.\n\n * CyberSafe Challenger 5.2.8 (this is the same code used within CISCO IOS)\n * TrustBroker 2.0, 2.1\n * ActiveTRUST 3.0, 4.0\n * TrustBroker Application Security SDK & Runtime Library 3.1.0\n * TrustBroker Secure Client 4.1. \n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Hitachi __ Not Affected\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nHitachi products are NOT affected by this issue.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### VanDyke Software Inc. __ Not Affected\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nThis vulnerability is not Applicable to VanDyke Software products. VanDyke Software products do not link to any static kerberos libraries. Instead, VanDyke Software products dynamically load shared libraries for GSSAPI related functionality. \n \nDue to the critical nature of this vulnerability in affected versions of MIT Kerberos, those using the GSSAPI authentication method for SSH2 authentication within an MIT Kerberos environment should install the patched version of MIT Kerberos immediately.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### WRQ __ Not Affected\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nThe double-free memory management vulnerabilities VU#795632, VU#866472 and VU#550464, are not applicable to the WRQ Reflection Kerberos Client. WRQ Kerberos implementation uses Windows-based memory management routines and has been inspected to verify that this type of vulnerability is not present.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Conectiva Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Cray Inc. Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### EMC Corporation Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### F-Secure Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### FreeBSD Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Fujitsu Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Guardian Digital Inc. Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Heimdal Kerberos Project Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Hewlett-Packard Company Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### IBM __ Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nIBM eServer Platform Response \n \nFor information related to this and other published CERT Advisories that may relate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) please go to \n[https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID=](<https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID=>) \n \nIn order to access this information you will require a Resource Link ID. To subscribe to Resource Link go to <http://app-06.www.ibm.com/servers/resourcelink> and follow the steps for registration. \n \nAll questions should be reffered to [servsec@us.ibm.com](<mailto:servsec@us.ibm.com>).\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Ingrian Networks Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Juniper Networks Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### KTH Kerberos Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Microsoft Corporation Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### MontaVista Software Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### NEC Corporation __ Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nsent on September 3, 2003\n\n[Server Products] \n\n\n * Super computer SX operating system\n * is NOT vulnerable.\nWe are investigating other products of ours. \n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### NetBSD Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Nokia Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Novell Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### SCO Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### SGI Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### SSH Communications Security Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Sony Corporation Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### SuSE Inc. Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Sun Microsystems Inc. Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### TurboLinux Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Unisys Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Wind River Systems Inc. Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\n### Wirex Unknown\n\nNotified: July 21, 2004 Updated: September 02, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23795632 Feedback>).\n\nView all 42 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>\n * <http://web.mit.edu/kerberos/www/>\n * <http://web.mit.edu/kerberos/www/krb5-1.3/>\n * <http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#asn1>\n * <http://www.itu.int/ITU-T/asn1/>\n * <http://www.itu.int/ITU-T/studygroups/com10/languages/>\n * <http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#kerbfirewall>\n * <http://www.securitytracker.com/alerts/2004/Aug/1011106.html>\n\n### Acknowledgements\n\nThanks to Tom Yu and the MIT Kerberos Development Team for reporting this vulnerability and coordinating with vendors. MITKRB5-SA-2004-002 acknowledges Will Fiveash and Nico Williams.\n\nThis document was written by Art Manion.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2004-0642](<http://web.nvd.nist.gov/vuln/detail/CVE-2004-0642>) \n---|--- \n**Severity Metric:** | 20.55 \n**Date Public:** | 2004-08-31 \n**Date First Published:** | 2004-09-02 \n**Date Last Updated: ** | 2005-05-10 16:02 UTC \n**Document Revision: ** | 43 \n", "modified": "2005-05-10T16:02:00", "published": "2004-09-02T00:00:00", "id": "VU:795632", "href": "https://www.kb.cert.org/vuls/id/795632", "type": "cert", "title": "MIT Kerberos 5 ASN.1 decoding functions insecurely deallocate memory (double-free)", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T20:44:25", "bulletinFamily": "info", "cvelist": ["CVE-2002-0036"], "description": "### Overview \n\nThe MIT Kerberos V5 implementation contains an ASN.1 decoding flaw that may allow remote attackers to crash affected Kerberos applications.\n\n### Description \n\nKerberos V5 protocol messages are defined using Abstract Syntax Notation One (ASN.1), a formal language that allows protocol specifications to be easily encoded for network transmission. For example, each data element in a given protocol message is encoded with additional information that indicates the type and length of the supplied data. This standardized format allows the recipient of the message to interpret the data elements and handle them appropriately.\n\nThe ASN.1 decoder included with MIT Kerberos V5 fails to perform bounds checking on the length values supplied with each data element. In some cases, an incoming message can contain a large unsigned data element length value that is misinterpreted as a negative signed value. When an affected Key Distribution Center (KDC) or other Kerberos application attempts to allocate negative or unreasonably large amounts of storage, an error condition will occur that may cause the application to crash. \n \n--- \n \n### Impact \n\nThis vulnerability allows remote attackers to crash affected applications, resulting in a denial of service condition. \n \n--- \n \n### Solution \n\nThis vulnerability was addressed in MIT Kerberos V5 1.2.5, released on April 30, 2002. MIT krb5 Security Advisory 2003-001 provides additional information from MIT and is available at: \n \n[_http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt_](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>) \n \nFor information regarding other vendors who may be affected, please see the vendor section of this document. \n \n--- \n \n### Vendor Information\n\n587579\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### MIT Kerberos Development Team __ Affected\n\nNotified: April 04, 2002 Updated: January 30, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nMIT recommends updating to release 1.2.5 or later, preferably to the latest release. Patches specifically to fix these problems are not available at this time.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe MIT Kerberos Development Team has published MIT krb5 Security Advisory 2003-001 to address this vulnerability. For more information, please see:\n\n \n[_http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt_](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### MandrakeSoft __ Affected\n\nNotified: April 03, 2003 Updated: April 04, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nMandrakeSoft has published Security Advisory MDKSA-2003:043-1 to address this vulnerability. For more information, please see:\n\n \n[_http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043-1_](<http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043-1>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Red Hat Inc. __ Affected\n\nNotified: April 08, 2002 Updated: March 27, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nRed Hat Linux and Red Hat Enterprise Linux ship with a Kerberos package vulnerable to these issues. Updated Kerberos packages are available along with our advisory at the URLs below. Users of the Red Hat Network can update their systems using the 'up2date' tool. \n\n\nRed Hat Linux: \n\n\n[_http://rhn.redhat.com/errata/RHSA-2002-051.html_](<http://rhn.redhat.com/errata/RHSA-2002-051.html>) \nRed Hat Enterprise Linux: \n\n\nWill be available shortly \n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Hewlett-Packard Company __ Not Affected\n\nNotified: April 08, 2002 Updated: January 31, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC does not believe that HP products are affected by this vulnerability.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Microsoft Corporation __ Not Affected\n\nNotified: April 04, 2002 Updated: January 31, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nThis report is specific to implementations that are using the MIT Kerberos5 code distribution. Microsoft does not use the MIT code (and specifically not the asn module described in your report). And do we believe Windows does not have this vulnerability.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Apple Computer Inc. Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### BSDI Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Cisco Systems Inc. Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Conectiva Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Cray Inc. Unknown\n\nNotified: April 08, 2002 Updated: January 31, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Debian Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### IBM Unknown\n\nNotified: April 08, 2002 Updated: January 31, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### KTH Kerberos Unknown\n\nNotified: April 04, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### NetBSD Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### OpenBSD Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Sun Microsystems Inc. Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### The SCO Group Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\n### Wind River Systems Inc. Unknown\n\nNotified: April 08, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23587579 Feedback>).\n\nView all 18 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>\n * <http://www.ietf.org/rfc/rfc1510.txt>\n\n### Acknowledgements\n\nThe reporter of this vulnerability wishes to remain anonymous.\n\nThis document was written by Jeffrey P. Lanza.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2002-0036](<http://web.nvd.nist.gov/vuln/detail/CVE-2002-0036>) \n---|--- \n**Severity Metric:** | 31.50 \n**Date Public:** | 2003-01-28 \n**Date First Published:** | 2003-01-31 \n**Date Last Updated: ** | 2003-04-04 20:02 UTC \n**Document Revision: ** | 43 \n", "modified": "2003-04-04T20:02:00", "published": "2003-01-31T00:00:00", "id": "VU:587579", "href": "https://www.kb.cert.org/vuls/id/587579", "type": "cert", "title": "MIT Kerberos V5 ASN.1 decoder fails to perform bounds checking on data element length fields", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-18T20:44:26", "bulletinFamily": "info", "cvelist": ["CVE-2003-0139"], "description": "### Overview \n\nSeveral cryptographic vulnerabilities exist in the basic Kerberos version 4 protocol that could allow an attacker to impersonate any user in a Kerberos realm and gain any privilege authorized through that Kerberos realm.\n\n### Description \n\nThe [MIT Kerberos Development team](<http://web.mit.edu/kerberos/www/krbdev.html>) has discovered a serious cryptographic flaw in the Kerberos version 4 protocol. This flaw could allow an attacker to compromise the entire affected Kerberos realm. In addition to the vulnerability described in [VU#623217](<http://www.kb.cert.org/vuls/id/623217>), an additional vulnerability was discovered in the MIT Kerberos implementation of triple-DES encryption of service tickets.\n\nFrom [the MIT advisory](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt>): \n \n\"As a result of concerns about single DES weaknesses, MIT implemented support for Kerberos 4 tickets encrypted in triple DES service keys. This support shares all the cryptographic weaknesses of single DES Kerberos 4. In addition, since it uses CBC mode rather than PCBC mode, it introduces new weaknesses not found in other Kerberos 4 implementations. When certain alignment constraints are met, it is possible to splice two tickets together, allowing an attacker to get a ticket with a known session key for a client without knowing that client's long term key. This attack does require sniffing a ticket for that client.\" \n \nAs a result, MIT implementations of Kerberos version 5 or derived implementations that include support for triple-DES keys in Kerberos version 4 are vulnerable. \n \n--- \n \n### Impact \n\nIn addition to the impacts described for VU#623217, an attacker may impersonate any principal to a service keyed with triple-DES Kerberos version 4 keys, given the ability to capture network traffic containing tickets for the target client principal. \n \n--- \n \n### Solution \n\n**Apply a patch from the vendor** \n \nThe MIT Kerberos team has released [MIT krb5 Security Advisory 2003-004](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt>) regarding this vulnerability. Sites are **strongly **encouraged to apply the patches referenced in the advisory. \n \n--- \n \n**Workarounds** \n \nIn the absence of patching, the following workarounds have been proposed by the MIT Kerberos team: \n \n`1) V4 Cross Realm Considered Harmful \n` \n` Kerberos implementations should gain an option to \ndisable Kerberos 4 cross-realm authentication both in the KDC and \nin any implementations of the krb524 protocol. This configuration \nshould be the default. \n` \n`2) Application Migration \n` \n` Application vendors and sites should migrate from Kerberos version 4 \nto Kerberos version 5. The OpenAFS community has introduced features \nthat allow Kerberos 5 to be used for AFS in OpenAFS 1.2.8. Patches \nare available to add Kerberos 5 support to OpenSSH. Several other \nimplementations of the SSH protocol also support Kerberos 5. \nApplications such as IMAP, POP and LDAP already support Kerberos 5. \n` \n`3) TGT Key Separation \n` \n` One motivation for the V4 triple DES support is that if a single \nDES key exists for the TGT principal then an attacker can attack \nthat key both for v4 and v5 tickets. Kerberos \nimplementations should gain support for a DES TGT key that is used \nfor v4 requests but not v5 requests. \n` \n`4) Remove Triple DES Kerberos 4 Support \n` \n` The cut and paste attack is a critical failure in MIT's attempt at \nKerberos 4 Triple DES. Even without cross-realm authentication, \nthis can be exploited in real-world situations. As such the \nsupport for 3DES service keys should be disabled.` \n \n--- \n \n### Vendor Information\n\n442569\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Conectiva __ Affected\n\nNotified: March 05, 2003 Updated: May 09, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nConectiva has released Conectiva Security Announcement [CLSA-2003:639](<http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000639>) in response to this issue. Users are encouraged to review this announcement and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Debian __ Affected\n\nNotified: March 05, 2003 Updated: March 31, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Debian Project has released Debian Security Advisories [DSA-266](<http://www.debian.org/security/2003/dsa-266>) and [DSA-273](<http://www.debian.org/security/2003/dsa-273>) in response to this issue. Users are encouraged to review these advisories and apply the patches they refer to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Gentoo Linux __ Affected\n\nUpdated: March 31, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Gentoo development team has released the following Gentoo Linux Security Announcements in response to this issue:\n\n[](<http://www.linuxsecurity.com/advisories/gentoo_advisory-3051.html>)\n\n * [200303-26](<http://www.linuxsecurity.com/advisories/gentoo_advisory-3085.html>)\n * [200303-28](<http://www.linuxsecurity.com/advisories/gentoo_advisory-3089.html>)\nUsers are encouraged to review these bulletins and apply the patches they refer to. \n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### MandrakeSoft __ Affected\n\nNotified: March 05, 2003 Updated: April 01, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nMandrakeSoft has issued Mandrake Linux Security Update Advisory [MDKSA-2003:043](<http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Red Hat Inc. __ Affected\n\nNotified: March 05, 2003 Updated: April 02, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRed Hat has issued Red Hat Security Advisories [RHSA-2003:051](<https://rhn.redhat.com/errata/RHSA-2003-051.html>) and [RHSA-2003:091](<https://rhn.redhat.com/errata/RHSA-2003-091.html>) in response to this issue. Users are encouraged to review these advisories and apply the patches they refer to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Wirex __ Affected\n\nNotified: March 05, 2003 Updated: April 09, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nWireX Communications, Inc. has released Immunix Secured OS Security Advisory [IMNX-2003-7+-007-01](<http://mail.wirex.com/pipermail/immunix-announce/2003-April:/0081.html>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Hitachi __ Not Affected\n\nNotified: March 05, 2003 Updated: April 04, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Hitachi's GR2000 gigabit router series \n- is NOT vulnerable. \n`\n\n`Hitachi's HI-UX/WE2 \n- is NOT vulnerable, because it does not support Kerberos V4.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Ingrian Networks __ Not Affected\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Ingrian Networks products are not succeptable to VU#623217 and VU#442569.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Juniper Networks __ Not Affected\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Kerberos does not ship with any Juniper product, so there is no vulnerability to these issues.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Lotus Software __ Not Affected\n\nUpdated: March 10, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Kerberos does not ship with any Lotus product, so there is no vulnerability to this issue.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Microsoft Corporation __ Not Affected\n\nNotified: March 05, 2003 Updated: March 20, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Microsoft has investigated this issue and determined that our products are not vulnerable to the issues described in the report. Microsoft implementations are based on Kerberos 5`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Xerox __ Not Affected\n\nNotified: March 05, 2003 Updated: May 09, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nXerox Corporation's response to this issue can be found at the following location\n\n \n<http://a1851.g.akamaitech.net/f/1851/2996/24h/cache.xerox.com/downloads/usa/en/c/CERT_VU442569.pdf> \nUsers are encouraged to review this document to determine if any of the Xerox products they employ are affected by this vulnerability. \n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### 3Com Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### AT&T Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Apple Computer Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Avaya Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### BSDI Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Cisco Systems Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Cray Inc. __ Unknown\n\nNotified: March 05, 2003 Updated: March 21, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\n`Cray, Inc. may be vulnerable on their UNICOS and UNICOS/mk systems only. UNICOS/mp is not affected. SPR 725005 has been opened to investigate.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### D-Link Systems Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Data General Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### F5 Networks Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Foundry Networks Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### FreeBSD Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Fujitsu Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Guardian Digital Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Hewlett-Packard Company Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### IBM-zSeries Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Intel Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### KTH Kerberos Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Lucent Technologies Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### MiT Kerberos Development Team Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### MontaVista Software Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Multi-Tech Systems Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### NEC Corporation Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### NETBSD Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### NeXT Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### NetScreen Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Network Appliance Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Nokia Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Nortel Networks Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### OpenAFS Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### OpenBSD Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Redback Networks Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Riverstone Networks Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### SGI Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Sequent Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Sony Corporation Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### SuSE Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Sun Microsystems Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### The SCO Group (SCO Linux) Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### The SCO Group (SCO UnixWare) Unknown\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Unisys Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\n### Wind River Systems Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23442569 Feedback>).\n\nView all 55 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt>\n\n### Acknowledgements\n\nThe CERT/CC thanks Sam Hartman, Ken Raeburn, and Tom Yu of the Kerberos group at MIT for their detailed analysis and report of this vulnerability.\n\nThis document was written by Chad R Dougherty.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2003-0139](<http://web.nvd.nist.gov/vuln/detail/CVE-2003-0139>) \n---|--- \n**Severity Metric:** | 8.91 \n**Date Public:** | 2003-03-15 \n**Date First Published:** | 2003-03-20 \n**Date Last Updated: ** | 2003-05-09 19:11 UTC \n**Document Revision: ** | 14 \n", "modified": "2003-05-09T19:11:00", "published": "2003-03-20T00:00:00", "id": "VU:442569", "href": "https://www.kb.cert.org/vuls/id/442569", "type": "cert", "title": "MIT Kerberos vulnerable to ticket splicing when using Kerberos4 triple DES service tickets", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T20:44:25", "bulletinFamily": "info", "cvelist": ["CVE-2003-0059"], "description": "### Overview \n\nMIT Kerberos V5 contains a flaw that allows the controller of one Kerberos realm to impersonate users in a second realm.\n\n### Description \n\nMIT Kerberos V5 releases prior to 1.2.3 contain a vulnerability that allows users from one realm to impersonate users from other non-local realms that use the same (shared) keys. This vulnerability is the result of a flaw in the `chk_trans.c` file of the libkrb5 library and affects both the Key Distribution Center (KDC) and other Kerberos application servers. \n \n--- \n \n### Impact \n\nThis vulnerability may allow users to gain unauthorized access to other realms, with various impacts possible depending on the Kerberos access control list (ACL) for each realm. \n \n--- \n \n### Solution \n\n**Update your Kerberos installation**\n\nThis vulnerability was addressed in MIT Kerberos V5 1.2.3. MIT krb5 Security Advisory 2003-001 provides additional information from MIT and is available at: \n \n[_http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt_](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>) \n \nFor information regarding other vendors who may be affected, please see the vendor section of this document. \n \n--- \n \n**Follow the suggestions in MIT krb5 Security Advisory 2003-001**\n\n \nMIT krb5 Security Advisory 2003-001 provides the following recommendations for sites that are unable to apply a patch immediately: \n \n`Workarounds: \n`\n\n`Delete or change inter-realm keys so inter-realm authentication is disabled.` \n` \nRemove all non-local principals from all critical ACLs in services using old MIT Kerberos code to validate the realm transit path` \n--- \n \n### Vendor Information\n\n684563\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### MIT Kerberos Development Team __ Affected\n\nNotified: May 20, 2002 Updated: January 30, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nMIT recommends updating to release 1.2.5 or later, preferably to the latest release. Patches specifically to fix these problems are not available at this time.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe MIT Kerberos Development Team has published MIT krb5 Security Advisory 2003-001 to address this vulnerability. For more information, please see:\n\n \n[_http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt_](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23684563 Feedback>).\n\n### MandrakeSoft __ Affected\n\nNotified: April 03, 2003 Updated: April 04, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nMandrakeSoft has published Security Advisory MDKSA-2003:043-1 to address this vulnerability. For more information, please see:\n\n \n[_http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043-1_](<http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043-1>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23684563 Feedback>).\n\n### Microsoft Corporation __ Affected\n\nNotified: July 25, 2002 Updated: January 31, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe worked with MIT on this issue, and identified that in a very limited and specific situation we possess this flaw in our implementation of Kerberos. \n\n\nWe have written a fix that will address such a situation, and checked it into the next service pack.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23684563 Feedback>).\n\n### Red Hat Inc. __ Affected\n\nNotified: March 26, 2003 Updated: March 27, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRed Hat, Inc. has published Red Hat Security Advisory RHSA-2003:051-01 to address this vulnerability. For more information, please see\n\n \n[_https://rhn.redhat.com/errata/RHSA-2003-051.html_](<https://rhn.redhat.com/errata/RHSA-2003-051.html>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23684563 Feedback>).\n\n### KTH Kerberos Unknown\n\nNotified: July 25, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23684563 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>\n * <http://www.ietf.org/rfc/rfc1510.txt>\n\n### Acknowledgements\n\nThe CERT/CC thanks Joseph Sokol-Margolis and Gerald Britton for discovering this vulnerability and Ken Raeburn of MIT for bringing it to our attention.\n\nThis document was written by Shawn Van Ittersum and Jeffrey P. Lanza.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2003-0059](<http://web.nvd.nist.gov/vuln/detail/CVE-2003-0059>) \n---|--- \n**Severity Metric:** | 14.47 \n**Date Public:** | 2003-01-28 \n**Date First Published:** | 2003-01-31 \n**Date Last Updated: ** | 2003-04-04 20:05 UTC \n**Document Revision: ** | 39 \n", "modified": "2003-04-04T20:05:00", "published": "2003-01-31T00:00:00", "id": "VU:684563", "href": "https://www.kb.cert.org/vuls/id/684563", "type": "cert", "title": "MIT Kerberos V5 allows inter-realm user impersonation by malicious realm controllers with shared keys", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T20:44:25", "bulletinFamily": "info", "cvelist": ["CVE-2003-0060"], "description": "### Overview \n\nEarly releases of the MIT Kerberos V5 KDC contain format string vulnerabilities that can be used by unauthenticated remote attackers to conduct denial of service attacks on KDC servers.\n\n### Description \n\nLogging routines in some (unspecified) versions of the MIT Kerberos V5 Key Distribution Center (KDC) use Kerberos principal names as format strings for printf-style output functions. Principal names that contain certain printf format specifiers (such as '%n') may cause the KDC logging routines to read from or write to memory. Some vulnerable functions are called prior to authentication, therefore these vulnerabilities can be exploited by remote anonymous users. Note that vulnerabilities of this type may allow the execution of arbitrary code under certain circumstances. \n \n--- \n \n### Impact \n\nThis vulnerability may allow unauthenticated remote attackers to crash affected KDC processes, resulting in a denial of service condition. \n \n--- \n \n### Solution \n\nThis vulnerability was addressed in MIT Kerberos V5 1.2.5, released on April 30, 2002. MIT krb5 Security Advisory 2003-001 provides additional information from MIT and is available at:\n\n[_http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt_](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>) \n \nFor information regarding other vendors who may be affected, please see the vendor section of this document. \n \n--- \n \n### Vendor Information\n\n787523\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### MIT Kerberos Development Team __ Affected\n\nNotified: May 20, 2002 Updated: January 30, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nMIT recommends updating to release 1.2.5 or later, preferably to the latest release. Patches specifically to fix these problems are not available at this time.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe MIT Kerberos Development Team has published MIT krb5 Security Advisory 2003-001 to address this vulnerability. For more information, please see:\n\n \n[_http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt_](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23787523 Feedback>).\n\n### Microsoft Corporation __ Not Affected\n\nNotified: July 29, 2002 Updated: January 31, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nThe Microsoft implementation of the KDC does not have the issue described in CERT VU#787523.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23787523 Feedback>).\n\n### KTH Kerberos Unknown\n\nNotified: July 29, 2002 Updated: January 29, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23787523 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt>\n * <http://www.ietf.org/rfc/rfc1510.txt>\n\n### Acknowledgements\n\nThe CERT/CC thanks to E. Larry Lidz for discovering this vulnerability and Ken Raeburn of MIT for bringing it to our attention.\n\nThis document was written by Shawn Van Ittersum and Jeffrey P. Lanza.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2003-0060](<http://web.nvd.nist.gov/vuln/detail/CVE-2003-0060>) \n---|--- \n**Severity Metric:** | 19.69 \n**Date Public:** | 2003-01-28 \n**Date First Published:** | 2003-01-31 \n**Date Last Updated: ** | 2003-02-01 00:31 UTC \n**Document Revision: ** | 24 \n", "modified": "2003-02-01T00:31:00", "published": "2003-01-31T00:00:00", "id": "VU:787523", "href": "https://www.kb.cert.org/vuls/id/787523", "type": "cert", "title": "MIT Kerberos V5 KDC logging routines use unsafe format strings", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T20:44:25", "bulletinFamily": "info", "cvelist": ["CVE-2003-0138"], "description": "### Overview \n\nSeveral cryptographic vulnerabilities exist in the basic Kerberos Version 4 protocol that could allow an attacker to impersonate any user in a Kerberos realm and gain any privilege authorized through that Kerberos realm.\n\n### Description \n\nThe [MIT Kerberos Development team](<http://web.mit.edu/kerberos/www/krbdev.html>) has discovered a serious cryptographic flaw in the Kerberos version 4 protocol. This flaw could allow an attacker to compromise the entire affected Kerberos realm.\n\nFrom [the MIT advisory](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt>): \n \n\"Kerberos version 4 tickets include neither a cryptographic hash of the encrypted data, random padding, nor a random initial vector. As such, if an attacker can cause the right text to be encrypted in a Kerberos service key, then the attacker can fabricate a ticket. Normally an attacker does not control much of the text in the ticket so this cryptographic weakness is hard to exploit. \n \nThe initial portion of a Kerberos 4 ticket is a one-byte flags field (either 0 or 1) followed by the client name. Since all of this initial text is constant, the beginning of a ticket for a given client/service will be the same. An attacker thus knows the encryption of the initial plaintext in the service key. If an attacker can control client principals whose names he chooses, then he can get the encryption of these plaintext values in the service key.\" \n \nBecause this is a flaw in the Kerberos 4 protocol, all implementations of vulnerable functionality are vulnerable. This includes all implementations of the Kerberos version 4 Key Distribution Center that allow cross-realm authentication and all implementations of the Kerberos version 5 Key Distribution Center that also implement a KDC for the Kerberos version 4 protocol and use the same keys for version 4 and version 5. \n \nThe Kerberos version 5 protocol is not vulnerable to this issue. However, implementations that implement both Kerberos 4 and Kerberos 5 tend to use the same keys for both protocols. As a result, the Kerberos 4 vulnerabilities can be used to compromise Kerberos 5 services at sites using these implementations. \n \n--- \n \n### Impact \n\nA number of specific impacts can result because of this vulnerability: \n\n\n * An attacker controlling a Kerberos version 4 shared cross-realm key can impersonate any principal in the remote realm to any service in the remote realm. This can lead to root-level compromise of a KDC, along with compromise of any hosts that rely on authentication provided by that KDC.\n * This attack may be performed against cross-realm principals, thus allowing an attacker to hop realms and compromise any realm that transitively shares a cross-realm key with the attacker's local realm.\n * Related, but more difficult attacks may be possible without requiring the control of a shared cross-realm key. At the very least, an attacker capable of creating arbitrary principal names in the target realm may be able to perform the attack.\n * In conjunction with [VU#442569](<http://www.kb.cert.org/vuls/id/442569>), an attacker may impersonate any principal to a service keyed with triple-DES Kerberos version 4 keys, given the ability to capture network traffic containing tickets for the target client principal. \n--- \n \n### Solution \n\n**Apply a patch from the vendor** \nThe MIT Kerberos team has released [MIT krb5 Security Advisory 2003-004](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt>) regarding this vulnerability. Sites are **strongly **encouraged to apply the patches referenced in the advisory. \n \n--- \n \n**Workarounds** \n \nIn the absence of patching, the following workarounds have been proposed by the MIT Kerberos team: \n \n`1) V4 Cross Realm Considered Harmful \n` \n` Kerberos implementations should gain an option to \ndisable Kerberos 4 cross-realm authentication both in the KDC and \nin any implementations of the krb524 protocol. This configuration \nshould be the default.` \n \n`2) Application Migration \n` \n` Application vendors and sites should migrate from Kerberos version 4 \nto Kerberos version 5. The OpenAFS community has introduced features \nthat allow Kerberos 5 to be used for AFS in OpenAFS 1.2.8. Patches \nare available to add Kerberos 5 support to OpenSSH. Several other \nimplementations of the SSH protocol also support Kerberos 5. \nApplications such as IMAP, POP and LDAP already support Kerberos 5. \n` \n`3) TGT Key Separation \n` \n` One motivation for the V4 triple DES support is that if a single \nDES key exists for the TGT principal then an attacker can attack \nthat key both for v4 and v5 tickets. Kerberos \nimplementations should gain support for a DES TGT key that is used \nfor v4 requests but not v5 requests. \n` \n`4) Remove Triple DES Kerberos 4 Support \n` \n` The cut and paste attack is a critical failure in MIT's attempt at \nKerberos 4 Triple DES. Even without cross-realm authentication, \nthis can be exploited in real-world situations. As such the \nsupport for 3DES service keys should be disabled.` \n \n--- \n \n### Vendor Information\n\n623217\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Conectiva __ Affected\n\nNotified: March 05, 2003 Updated: May 09, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nConectiva has released Conectiva Security Announcement [CLSA-2003:639](<http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000639>) in response to this issue. Users are encouraged to review this announcement and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Debian __ Affected\n\nNotified: March 05, 2003 Updated: March 31, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Debian Project has released the following Debian Security Advisories in response to this issue:\n\n * [DSA-266](<http://www.debian.org/security/2003/dsa-266>)\n * [DSA-269](<http://www.debian.org/security/2003/dsa-269>)\n * [DSA-273](<http://www.debian.org/security/2003/dsa-273>)\n \nUsers are encouraged to review these advisories and apply the patches they refer to. \n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Gentoo Linux __ Affected\n\nUpdated: March 31, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Gentoo development team has released the following Gentoo Linux Security Announcements in response to this issue:\n\n * [200303-26](<http://www.linuxsecurity.com/advisories/gentoo_advisory-3085.html>)\n * [200303-28](<http://www.linuxsecurity.com/advisories/gentoo_advisory-3089.html>)\nUsers are encouraged to review these bulletins and apply the patches they refer to. \n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### MandrakeSoft __ Affected\n\nNotified: March 05, 2003 Updated: April 01, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nMandrakeSoft has issued Mandrake Linux Security Update Advisory [MDKSA-2003:043](<http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### MiT Kerberos Development Team __ Affected\n\nUpdated: March 17, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThe MIT Kerberos development team has released [MITKRB5-SA-2003-004 ](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt>)in response to this issue.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### NetBSD __ Affected\n\nUpdated: April 04, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe NetBSD Project has released NetBSD Security Advisory [2003-006](<ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-006.txt.asc>) in response to this issue. Users are encouraged to review this advisory and apply the patches that it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### OpenAFS __ Affected\n\nNotified: March 05, 2003 Updated: April 02, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe OpenAFS development team has released OpenAFS Security Advisory [2003-001](<http://www.openafs.org/pages/security/OPENAFS-SA-2003-001.txt>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### OpenBSD __ Affected\n\nNotified: March 05, 2003 Updated: March 24, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n`There is a cryptographic weaknesses in the Kerberos v4 protocol \n(this is not something that is fixable in Kerberos v4). Sites still \nusing Kerberos v4 should migrate to Kerberos v5. \n`\n\n`Kerberos v5 does not have this weakness, but since it contains v4 \nto v5 translation services it is still possible to exploit the v4 \nprotocol defect. \n` \n`For more information, please see: \n``<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt>`` \n` \n`The following patches cause Kerberos v4 requests from foreign realms \nto be ignored unless support for this is explicitly enabled. \n` \n`Patch for OpenBSD 3.1: \n``<ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/026_kerberos.patch>`` \n` \n`Patch for OpenBSD 3.2: \n``<ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/013_kerberos.patch>`` \n` \n`The aforementioned patches have already been applied to the 3.1 and \n3.2 -stable branches.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Red Hat Inc. __ Affected\n\nNotified: March 05, 2003 Updated: April 02, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRed Hat has issued Red Hat Security Advisories [RHSA-2003:051](<https://rhn.redhat.com/errata/RHSA-2003-051.html>) and [RHSA-2003:091](<https://rhn.redhat.com/errata/RHSA-2003-091.html>) in response to this issue. Users are encouraged to review these advisories and apply the patches they refer to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Wirex __ Affected\n\nNotified: March 05, 2003 Updated: April 09, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nWireX Communications, Inc. has released Immunix Secured OS Security Advisory [IMNX-2003-7+-007-01](<http://mail.wirex.com/pipermail/immunix-announce/2003-April:/0081.html>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Hitachi __ Not Affected\n\nNotified: March 05, 2003 Updated: April 04, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Hitachi's GR2000 gigabit router series \n- is NOT vulnerable. \n`\n\n`Hitachi's HI-UX/WE2 \n- is NOT vulnerable, because it does not support Kerberos V4.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Ingrian Networks __ Not Affected\n\nNotified: March 05, 2003 Updated: March 10, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Ingrian Networks products are not succeptable to VU#623217 and VU#442569.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Juniper Networks __ Not Affected\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Kerberos does not ship with any Juniper product, so there is no vulnerability to these issues.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Lotus Software __ Not Affected\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Kerberos does not ship with any Lotus product, so there is no vulnerability to this issue.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Microsoft Corporation __ Not Affected\n\nNotified: March 05, 2003 Updated: March 20, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Microsoft has investigated this issue and determined that our products are not vulnerable to the issues described in the report. Microsoft implementations are based on Kerberos 5`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Xerox __ Not Affected\n\nNotified: March 05, 2003 Updated: May 09, 2003 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nXerox Corporation's reponse to this issue can be found at the following location\n\n \n<http://a1851.g.akamaitech.net/f/1851/2996/24h/cache.xerox.com/downloads/usa/en/c/CERT_VU623217.pdf> \nUsers are encouraged to review this bulletin to determine if any of the Xerox products they employ are affected by this vulnerability. \n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### 3Com Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### AT&T Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Apple Computer Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Avaya Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### BSDI Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Cisco Systems Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Cray Inc. __ Unknown\n\nNotified: March 05, 2003 Updated: March 21, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\n`Cray, Inc. may be vulnerable on their UNICOS and UNICOS/mk systems only. UNICOS/mp is not affected. SPR 725005 has been opened to investigate.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### D-Link Systems Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Data General Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### F5 Networks Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Foundry Networks Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 06, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### FreeBSD Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Fujitsu Unknown\n\nNotified: March 05, 2003 Updated: March 21, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Guardian Digital Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Hewlett-Packard Company Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### IBM-zSeries Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Intel Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### KTH Kerberos Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Lucent Technologies Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### MontaVista Software Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Multi-Tech Systems Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### NEC Corporation Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### NETBSD Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### NeXT Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### NetScreen Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Network Appliance Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Nokia Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Nortel Networks Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: March 05, 2003 Updated: March 21, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Redback Networks Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Riverstone Networks Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### SGI Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Sequent Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Sony Corporation Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### SuSE Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Sun Microsystems Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### The SCO Group (SCO Linux) Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### The SCO Group (SCO UnixWare) Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Unisys Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\n### Wind River Systems Inc. Unknown\n\nNotified: March 05, 2003 Updated: March 17, 2003 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23623217 Feedback>).\n\nView all 56 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt>\n\n### Acknowledgements\n\nThe CERT/CC thanks Sam Hartman, Ken Raeburn, and Tom Yu of the Kerberos group at MIT for their detailed analysis and report of this vulnerability.\n\nThis document was written by Chad Dougherty.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2003-0138](<http://web.nvd.nist.gov/vuln/detail/CVE-2003-0138>) \n---|--- \n**Severity Metric:** | 13.54 \n**Date Public:** | 2003-03-15 \n**Date First Published:** | 2003-03-20 \n**Date Last Updated: ** | 2003-05-09 19:18 UTC \n**Document Revision: ** | 18 \n", "modified": "2003-05-09T19:18:00", "published": "2003-03-20T00:00:00", "id": "VU:623217", "href": "https://www.kb.cert.org/vuls/id/623217", "type": "cert", "title": "Cryptographic weakness in Kerberos Version 4 protocol", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T20:43:47", "bulletinFamily": "info", "cvelist": ["CVE-2004-0643"], "description": "### Overview \n\nThe `krb5_rd_cred()` function in the MIT Kerberos 5 library does not securely deallocate heap memory when decoding ASN.1 structures, resulting in a double-free vulnerability. A remote, authenticated attacker could execute arbitrary code or cause a denial of service on any system running an application that calls `krb5_rd_cred()`. This includes Kerberos application servers and other applications that process Kerberos authentication via the MIT Kerberos 5 library, GSSAPI, and other libraries.\n\n### Description \n\nAs described on the [MIT Kerberos web site: ](<http://web.mit.edu/kerberos/www/#what_is>)\"Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.\" MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions.\n\nKerberos 5 protocol messages are defined using Abstract Syntax Notation One (ASN.1). When handling an error condition, the function `krb5_rd_cred()` `free()s` a memory reference returned from the ASN.1 decoding function `decode_krb5_enc_cred_part()`. As part of its own error handling process, the decoding function already `free()d` the memory reference, therefore the second `free()` can corrupt heap memory management structures, possibly manipulating heap memory to execute arbitrary code. This is a double-free vulnerability. Note that this vulnerability was addressed in kbr5-1.3.2. From [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>): \n \n`Implementations of krb5_rd_cred() prior to the krb5-1.3.2 release` \n`contained code to explicitly free the buffer returned by the ASN.1` \n`decoder function decode_krb5_enc_cred_part() when the decoder returns` \n`an error. This is another double-free, since the decoder would itself` \n`free the buffer on error. Since decode_krb5_enc_cred_part() does not` \n`get called unless the decryption of the encrypted part of the KRB-CRED` \n`is successful, the attacker needs to have authenticated. This code` \n`was corrected in the krb5-1.3.2 release.` \nMIT notes that Kerberos applications that call `krb5_rd_cred()` to process forwarded credentials are affected: \n \n`Applications calling the krb5_rd_cred() function in releases prior` \n`to krb5-1.3.2. Such applications in the MIT krb5 releases include` \n`the remote login daemons (krshd, klogind, and telnetd) and the FTP` \n`daemon. The krb5_rd_cred() function decrypts and decodes forwarded` \n`Kerberos credentials. Third-party applications calling this` \n`function directly or indirectly (by means of the GSSAPI or other` \n`libraries) are vulnerable.` \n \n--- \n \n### Impact \n\nA remote, authenticated attacker could execute arbitrary code on a vulnerable Kerberos application server or cause a denial of service. \n \n--- \n \n### Solution \n\n**Apply a patch**\n\nApply the appropriate patch(es) referenced in [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt>) or specified by your vendor. Note that this vulnerability does not exist in krb5-1.3.2 and later. \n \n**Upgrade** \n \nAccording to [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt>), \"The upcoming krb5-1.3.5 release will contain fixes for these problems.\" \n \n--- \n \n \n**Restrict access** \n \nDepending on network architecture and application requirements, it may be practical to restrict access to Kerberos application servers from untrusted networks such as the Internet. While this will help to limit the source of attacks, it will not prevent attacks from trusted hosts or networks or attackers who can successfully spoof their source addresses. \n \n--- \n \n### Vendor Information\n\n866472\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Cisco Systems Inc. __ Affected\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see Cisco Security Advisory: [Vulnerabilities in Kerberos 5 Implementation](<http://www.cisco.com/warp/public/707/cisco-sa-20040831-krb5.shtml>) (Document ID: 61720).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### MIT Kerberos Development Team __ Affected\n\nUpdated: September 02, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### CyberSafe __ Not Affected\n\nUpdated: September 02, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nThe CyberSafe products listed below are not vulnerable.\n\n * CyberSafe Challenger 5.2.8 (this is the same code used within CISCO IOS)\n * TrustBroker 2.0, 2.1\n * ActiveTRUST 3.0, 4.0\n * TrustBroker Application Security SDK & Runtime Library 3.1.0\n * TrustBroker Secure Client 4.1. \n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Apple Computer Inc. Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Conectiva Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Cray Inc. Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Debian Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### EMC Corporation Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### F-Secure Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### FreeBSD Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Fujitsu Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Guardian Digital Inc. Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Heimdal Kerberos Project Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Hewlett-Packard Company Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Hitachi Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### IBM Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Ingrian Networks Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Juniper Networks Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### KTH Kerberos Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### MandrakeSoft Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Microsoft Corporation Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### MontaVista Software Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### NEC Corporation Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\n### Wirex Unknown\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23866472 Feedback>).\n\nView all 24 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>\n * <http://web.mit.edu/kerberos/www/>\n * <http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#asn1>\n * <http://www.itu.int/ITU-T/asn1/>\n * <http://www.itu.int/ITU-T/studygroups/com10/languages/>\n * <http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#gssapi>\n * <http://www.ietf.org/rfc/rfc2743.txt>\n * <http://www.ietf.org/rfc/rfc1964.txt>\n * <http://www.securitytracker.com/alerts/2004/Aug/1011106.html>\n\n### Acknowledgements\n\nThanks to Tom Yu and the MIT Kerberos Development Team for reporting this vulnerability and coordinating with vendors. MITKRB5-SA-2004-002 acknowledges Joseph Galbraith and John Hawkinson.\n\nThis document was written by Art Manion.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2004-0643](<http://web.nvd.nist.gov/vuln/detail/CVE-2004-0643>) \n---|--- \n**Severity Metric:** | 10.96 \n**Date Public:** | 2004-08-31 \n**Date First Published:** | 2004-09-02 \n**Date Last Updated: ** | 2004-09-03 20:21 UTC \n**Document Revision: ** | 30 \n", "modified": "2004-09-03T20:21:00", "published": "2004-09-02T00:00:00", "id": "VU:866472", "href": "https://www.kb.cert.org/vuls/id/866472", "type": "cert", "title": "MIT Kerberos 5 ASN.1 decoding function krb5_rd_cred() insecurely deallocates memory (double-free)", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T20:43:48", "bulletinFamily": "info", "cvelist": ["CVE-2004-0644"], "description": "### Overview \n\nThe `asn1buf_skiptail()` function in the MIT Kerberos 5 library does not properly terminate a loop, allowing an unauthenticated, remote attacker to cause a denial of service in a Kerberos Distribution Center (KDC), application server, or Kerberos client.\n\n### Description \n\nAs described on the [MIT Kerberos web site: ](<http://web.mit.edu/kerberos/www/#what_is>)\"Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.\" MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions.\n\nKerberos 5 protocol messages are defined using Abstract Syntax Notation One (ASN.1). The Basic Encoding Rules (BER) describe how to represent the values of ASN.1 types in byte strings. The MIT Kerberos 5 library function `asn1buf_skiptail()` contains a loop that does not properly check either the end of a buffer or the position of a pointer into the buffer. A specially crafted BER encoding in an ASN.1 sequence can cause `asn1buf_skiptail()` to enter an infinite loop, resulting in a denial of service. [MITKRB5-SA-2004-003](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt>) provides further detail: \n \n`The ASN.1 decoder in the MIT krb5 library handles indefinite-length` \n`BER encodings for the purpose of backwards compatibility with some` \n`non-conformant implementations. The ASN.1 decoders call` \n`asn1buf_sync() to skip any trailing unrecognized fields in the` \n`encoding of a SEQUENCE type. asn1buf_sync() calls asn1buf_skiptail()` \n`if the ASN.1 SEQUENCE type being decoded was encoded with an` \n`indefinite length. asn1buf_sync() is provided with a prefetched BER` \n`tag; a placeholder tag is provided by the prefetching code in the case` \n`where there is are no more octets in a sub-encoding.` \n \n`The loop in asn1buf_skiptail() which attempts to skip trailing` \n`sub-encodings of an indefinite-length SEQUENCE type does not properly` \n`check for end-of-subbuffer conditions or for the placeholder tag,` \n`leading to an infinite loop. Valid BER encodings cannot cause this` \n`condition; however, it is trivial to construct a corrupt encoding` \n`which will trigger the infinite loop.` \n \n--- \n \n### Impact \n\nAn unauthenticated, remote attacker could cause a denial of service on a KDC or application server. An attacker who is able to impersonate a KDC or application server may be able to cause a denial of service on Kerberos clients. \n \n--- \n \n### Solution \n\n**Apply a patch**\n\nApply the appropriate patch(es) referenced in [MITKRB5-SA-2004-003](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt>) or specified by your vendor. \n \n**Upgrade** \n \nAccording to [MITKRB5-SA-2004-003](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt>), \"The upcoming krb5-1.3.5 release will contain fixes for these problems.\" \n \n--- \n \n \n**Restrict access** \n \nDepending on network architecture, it may be practical to restrict access to KDC servers (88/udp) from untrusted networks such as the Internet. Due to network application requirements, it may be possible, but less practical, to limit access from Kerberos clients to trusted KDC and application servers. While these workarounds will help to limit the source of attacks, they will not prevent attacks from trusted hosts or networks or attackers who can successfully spoof their source addresses. \n \n--- \n \n### Vendor Information\n\n550464\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Cisco Systems Inc. __ Affected\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see Cisco Security Advisory: [Vulnerabilities in Kerberos 5 Implementation](<http://www.cisco.com/warp/public/707/cisco-sa-20040831-krb5.shtml>) (Document ID: 61720).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23550464 Feedback>).\n\n### MIT Kerberos Development Team __ Affected\n\nUpdated: September 02, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see [MITKRB5-SA-2004-003](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23550464 Feedback>).\n\n### CyberSafe __ Not Affected\n\nUpdated: September 02, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nThe CyberSafe products listed below are not vulnerable.\n\n * CyberSafe Challenger 5.2.8 (this is the same code used within CISCO IOS)\n * TrustBroker 2.0, 2.1\n * ActiveTRUST 3.0, 4.0\n * TrustBroker Application Security SDK & Runtime Library 3.1.0\n * TrustBroker Secure Client 4.1. \n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23550464 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt>\n * <http://web.mit.edu/kerberos/www/>\n * <http://www.cert.org/advisories/CA-2001-18.html#asn1-ber>\n * <http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#asn1>\n * <http://www.itu.int/ITU-T/asn1/>\n * <http://www.itu.int/ITU-T/studygroups/com10/languages/>\n * <http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#kerbfirewall>\n * <http://www.securitytracker.com/alerts/2004/Aug/1011107.html>\n\n### Acknowledgements\n\nThanks to Tom Yu and the MIT Kerberos Development Team for reporting this vulnerability and coordinating with vendors. MITKRB5-SA-2004-003 acknowledges Will Fiveash and Nico Williams.\n\nThis document was written by Art Manion.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2004-0644](<http://web.nvd.nist.gov/vuln/detail/CVE-2004-0644>) \n---|--- \n**Severity Metric:** | 16.44 \n**Date Public:** | 2004-08-31 \n**Date First Published:** | 2004-09-02 \n**Date Last Updated: ** | 2004-09-03 20:22 UTC \n**Document Revision: ** | 18 \n", "modified": "2004-09-03T20:22:00", "published": "2004-09-02T00:00:00", "id": "VU:550464", "href": "https://www.kb.cert.org/vuls/id/550464", "type": "cert", "title": "MIT Kerberos 5 ASN.1 decoding function asn1buf_skiptail() does not properly terminate loop", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-18T20:43:48", "bulletinFamily": "info", "cvelist": ["CVE-2004-0772"], "description": "### Overview \n\nThe MIT Kerberos `krb524d` daemon does not securely deallocate heap memory when handling an error condition, resulting in a double-free vulnerability. An unauthenticated, remote attacker could execute arbitrary code on a system running `krb524d`, which in many cases is also a Kerberos Distribution Center (KDC). The compromise of a KDC system can lead to the compromise of an entire Kerberos realm. An attacker may also be able to cause a denial of service on a system running `krb524d`.\n\n### Description \n\nAs described on the [MIT Kerberos web site: ](<http://web.mit.edu/kerberos/www/#what_is>)\"Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.\" MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions.\n\nThe MIT Kerberos `krb524d` daemon converts Kerberos 5 service tickets into Kerberos 4 service tickets. There is a double-free vulnerability in `krb524d` that can be triggered during the conversion of a cross-realm ticket. From [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>): \n \n`The patch (introduced in krb5-1.2.8 and present in all subsequent` \n`releases) for disabling krb4 cross-realm authentication in krb524d` \n`introduced a double-free vulnerability. If handle_classic_v4() denies` \n`the conversion of a cross-realm ticket, v5tkt->enc_part2 gets freed` \n`but not nulled, so do_connection() double-frees many things when it` \n`subsequently calls krb5_free_ticket().` \n \n--- \n \n### Impact \n\nAn unauthenticated, remote attacker to could execute arbitrary code on a system running `krb524d`. In many cases, this system also operates a KDC, so this vulnerability could allow an attacker to gain the master secret for a Kerberos realm, leading to compromise of the entire realm. An attacker may also be able to crash a system running `krb524d`, causing a denial of service. \n \n--- \n \n### Solution \n\n**Apply a patch**\n\nApply the appropriate patch(es) referenced in [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt>) or specified by your vendor. \n \n**Upgrade** \n \nAccording to [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt>), \"The upcoming krb5-1.3.5 release will contain fixes for these problems.\" \n \n--- \n \n \n**Restrict access** \n \nDepending on network architecture, it may be practical to restrict access to systems running `krb524d` (4444/udp) from untrusted networks such as the Internet. While this will help to limit the source of attacks, it will not prevent attacks from trusted hosts or networks or attackers who can successfully spoof their source addresses. \n \n--- \n \n### Vendor Information\n\n350792\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### MIT Kerberos Development Team __ Affected\n\nUpdated: September 02, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see [MITKRB5-SA-2004-002](<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23350792 Feedback>).\n\n### Cisco Systems Inc. Not Affected\n\nNotified: July 21, 2004 Updated: September 03, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23350792 Feedback>).\n\n### CyberSafe __ Not Affected\n\nUpdated: September 02, 2004 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nThe CyberSafe products listed below are not vulnerable.\n\n * CyberSafe Challenger 5.2.8 (this is the same code used within CISCO IOS)\n * TrustBroker 2.0, 2.1\n * ActiveTRUST 3.0, 4.0\n * TrustBroker Application Security SDK & Runtime Library 3.1.0\n * TrustBroker Secure Client 4.1. \n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23350792 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt>\n * <http://web.mit.edu/kerberos/www/>\n * <http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#krb524d>\n * <http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#kerbfirewall>\n * <http://www.securitytracker.com/alerts/2004/Aug/1011106.html>\n\n### Acknowledgements\n\nThanks to Tom Yu and the MIT Kerberos Development Team for reporting this vulnerability and coordinating with vendors. MITKRB5-SA-2004-002 acknowledges Marc Horowitz.\n\nThis document was written by Art Manion.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2004-0772](<http://web.nvd.nist.gov/vuln/detail/CVE-2004-0772>) \n---|--- \n**Severity Metric:** | 10.28 \n**Date Public:** | 2004-08-31 \n**Date First Published:** | 2004-09-02 \n**Date Last Updated: ** | 2004-09-03 20:22 UTC \n**Document Revision: ** | 19 \n", "modified": "2004-09-03T20:22:00", "published": "2004-09-02T00:00:00", "id": "VU:350792", "href": "https://www.kb.cert.org/vuls/id/350792", "type": "cert", "title": "MIT Kerberos krb524d insecurely deallocates memory (double-free)", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:19:59", "bulletinFamily": "software", "cvelist": ["CVE-2002-0036"], "edition": 1, "description": "## Vulnerability Description\nA remote overflow exists in MIT Kerberos 5. The ASN.1 decoder fails to properly sanitize user suplied input resulting in heap corruption. If an attacker sends a specially crafted packet with a negative length value, they may cause the services to crash resulting in a loss of availability.\n\n## Solution Description\nUpgrade to version 1.2.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in MIT Kerberos 5. The ASN.1 decoder fails to properly sanitize user suplied input resulting in heap corruption. If an attacker sends a specially crafted packet with a negative length value, they may cause the services to crash resulting in a loss of availability.\n\n## References:\nVendor URL: http://web.mit.edu/kerberos/www/\n[Vendor Specific Advisory URL](http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043)\n[Vendor Specific Advisory URL](http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000639)\n[Vendor Specific Advisory URL](http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt)\nRedHat RHSA: RHSA-2003-052\nRedHat RHSA: RHSA-2003-051\nKeyword: MIT krb5 Security Advisory 2003-001\nISS X-Force ID: 11190\n[CVE-2002-0036](https://vulners.com/cve/CVE-2002-0036)\nCIAC Advisory: n-037\nCERT VU: 587579\nBugtraq ID: 6713\n", "modified": "2003-01-28T00:00:00", "published": "2003-01-28T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:4896", "id": "OSVDB:4896", "title": "Kerberos 5 ASN.1 Decoder Heap Corruption DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:19:59", "bulletinFamily": "software", "cvelist": ["CVE-2003-0139"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nISS X-Force ID: 11570\n[CVE-2003-0139](https://vulners.com/cve/CVE-2003-0139)\nCERT VU: 442569\nBugtraq ID: 7113\n", "modified": "2003-03-17T00:00:00", "published": "2003-03-17T00:00:00", "id": "OSVDB:4868", "href": "https://vulners.com/osvdb/OSVDB:4868", "title": "MIT Kerberos4 Triple DES Service Ticket Splicing", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:19:59", "bulletinFamily": "software", "cvelist": ["CVE-2003-0059"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nISS X-Force ID: 11188\n[CVE-2003-0059](https://vulners.com/cve/CVE-2003-0059)\nCIAC Advisory: n-037\nCERT VU: 684563\nBugtraq ID: 6714\n", "modified": "2003-01-28T00:00:00", "published": "2003-01-28T00:00:00", "id": "OSVDB:4887", "href": "https://vulners.com/osvdb/OSVDB:4887", "title": "Kerberos Key Distribution Center Shared Key Spoofing", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:19:59", "bulletinFamily": "software", "cvelist": ["CVE-2003-0082"], "edition": 1, "description": "## Vulnerability Description\nKerberos 5 contains a flaw within principal name handling that may allow a remote denial of service. The issue is triggered when a specially crafted request is sent to the KDC, this can result in a heap corruption (buffer underrun) or possibly remote code execution resulting in a loss of avilability and possibly confidentiality and/or integrity.\n## Technical Description\nThe issue is triggered when an authenticated user issues specific requests such as names with zero components, names with one empty component, or host-based service principal names with no host name component\n## Solution Description\nCurrently, there are no known workarounds to correct this issue. However, MIT has released a patch to address this vulnerability.\n## Short Description\nKerberos 5 contains a flaw within principal name handling that may allow a remote denial of service. The issue is triggered when a specially crafted request is sent to the KDC, this can result in a heap corruption (buffer underrun) or possibly remote code execution resulting in a loss of avilability and possibly confidentiality and/or integrity.\n## References:\nVendor Specific Solution URL: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-patch.txt\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-266)\nRedHat RHSA: RHSA-2003:052-25\nRedHat RHSA: RHSA-2003:091-22\nRedHat RHSA: RHSA-2003:051-30\nKeyword: kerberos\nKeyword: buffer underrun\nKeyword: kdc\nKeyword: key distribution center\nKeyword: heap corruption\nISS X-Force ID: 11582\nGeneric Informational URL: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt\n[CVE-2003-0082](https://vulners.com/cve/CVE-2003-0082)\nBugtraq ID: 7185\n", "modified": "2003-03-19T00:00:00", "published": "2003-03-19T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:4902", "id": "OSVDB:4902", "title": "Kerberos 5 Key Distribution Center Heap Corruption DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:19:59", "bulletinFamily": "software", "cvelist": ["CVE-2003-0060"], "edition": 1, "description": "## Vulnerability Description\nMIT Kerberos Key Distribution Center (KDC) contains a flaw that may allow a remote attacker to crash the service and possibly execute arbitrary code. The issue is due to format string flaws in the logging routines and Kerberos principal name specifiers of the KDC. If an attacker provides a specially crafted request, they can crash the service or execute arbitrary code with the same privilege the server runs under.\n## Solution Description\nUpgrade to version 1.2.5 or higher, as it has been reported to fix this vulnerability. It is possible to partially correct the flaw by implementing the following workaround: Start KDC from a loop in a shell script, or from inittab. Please note that inittab is not recommended because it may fail if the KDC is crashed often in a short period. However, this workaround does not address the possibility of exploiting the format string vulnerability to gain access to the host system, so an upgrade is strongly recommended.\n## Short Description\nMIT Kerberos Key Distribution Center (KDC) contains a flaw that may allow a remote attacker to crash the service and possibly execute arbitrary code. The issue is due to format string flaws in the logging routines and Kerberos principal name specifiers of the KDC. If an attacker provides a specially crafted request, they can crash the service or execute arbitrary code with the same privilege the server runs under.\n## References:\n[Vendor Specific Advisory URL](http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt)\nISS X-Force ID: 11189\nGeneric Informational URL: http://www.ietf.org/rfc/rfc1510.txt\n[CVE-2003-0060](https://vulners.com/cve/CVE-2003-0060)\nCERT VU: 787523\nBugtraq ID: 6712\n", "modified": "2003-01-28T00:00:00", "published": "2003-01-28T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:4879", "id": "OSVDB:4879", "title": "MIT Kerberos Key Distribution Center Format String Logging", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:19:59", "bulletinFamily": "software", "cvelist": ["CVE-2003-0138"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-006.txt.asc)\nOther Advisory URL: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt\nISS X-Force ID: 11570\n[CVE-2003-0138](https://vulners.com/cve/CVE-2003-0138)\nCERT VU: 623217\nBugtraq ID: 7113\n", "modified": "2003-03-17T00:00:00", "published": "2003-03-17T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:4869", "id": "OSVDB:4869", "title": "Kerberos4 Realm Principle Impersonation", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:19:59", "bulletinFamily": "software", "cvelist": ["CVE-2003-0072"], "edition": 1, "description": "## Vulnerability Description\nKerberos 5 contains a flaw that may allow an authenticated attacker to perform a remote denial of service. By sending a request with a name containing no components, one or more empty components, or a missing host name, the KDC will read memory past the end of an array, possibly causing it to crash.\n## Solution Description\nMIT has released a patch to address this vulnerability. Refer to vendor-specific advisories for updated packages.\n## Short Description\nKerberos 5 contains a flaw that may allow an authenticated attacker to perform a remote denial of service. By sending a request with a name containing no components, one or more empty components, or a missing host name, the KDC will read memory past the end of an array, possibly causing it to crash.\n## References:\nVendor Specific Solution URL: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-patch.txt\n[Vendor Specific Advisory URL](http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043)\n[Vendor Specific Advisory URL](http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F54042&zone_32=category%3Asecurity)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-266)\n[Vendor Specific Advisory URL](http://www.linuxsecurity.com/advisories/immunix_advisory-3134.html)\nRedHat RHSA: RHSA-2003:051\nKeyword: array overrun\nKeyword: SEAM\nKeyword: Sun SEAM\nISS X-Force ID: 11582\n[CVE-2003-0072](https://vulners.com/cve/CVE-2003-0072)\nCIAC Advisory: n-062\nBugtraq ID: 7184\n", "modified": "2003-03-19T00:00:00", "published": "2003-03-19T00:00:00", "id": "OSVDB:4901", "href": "https://vulners.com/osvdb/OSVDB:4901", "title": "Kerberos 5 KDC Array Overrun DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:04", "bulletinFamily": "software", "cvelist": ["CVE-2004-0643"], "edition": 1, "description": "## Vulnerability Description\nKeberos contains a flaw that may allow a malicious user to execute arbitrary commaands. The issue is triggered when krb5_rd_cread() tries to free allready freed buffers that were returned by decode_krb5_enc_cred_part() when error occurs. It is possible that the flaw may allow compromise entire Kerberos realm if victim is running KDC resulting in a loss of integrity.\n## Solution Description\nUpgrade to version 5-1.3.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nKeberos contains a flaw that may allow a malicious user to execute arbitrary commaands. The issue is triggered when krb5_rd_cread() tries to free allready freed buffers that were returned by decode_krb5_enc_cred_part() when error occurs. It is possible that the flaw may allow compromise entire Kerberos realm if victim is running KDC resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-57631-1)\n[Vendor Specific Advisory URL](http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt)\n[Vendor Specific Advisory URL](http://www-1.ibm.com/support/docview.wss?uid=swg21188222)\nSecurity Tracker: 1011106\n[Secunia Advisory ID:12408](https://secuniaresearch.flexerasoftware.com/advisories/12408/)\n[Secunia Advisory ID:12412](https://secuniaresearch.flexerasoftware.com/advisories/12412/)\n[Secunia Advisory ID:12503](https://secuniaresearch.flexerasoftware.com/advisories/12503/)\n[Secunia Advisory ID:12694](https://secuniaresearch.flexerasoftware.com/advisories/12694/)\n[Secunia Advisory ID:12413](https://secuniaresearch.flexerasoftware.com/advisories/12413/)\n[Secunia Advisory ID:12414](https://secuniaresearch.flexerasoftware.com/advisories/12414/)\n[Secunia Advisory ID:12411](https://secuniaresearch.flexerasoftware.com/advisories/12411/)\n[Secunia Advisory ID:12410](https://secuniaresearch.flexerasoftware.com/advisories/12410/)\n[Secunia Advisory ID:12457](https://secuniaresearch.flexerasoftware.com/advisories/12457/)\n[Related OSVDB ID: 9407](https://vulners.com/osvdb/OSVDB:9407)\n[Related OSVDB ID: 9409](https://vulners.com/osvdb/OSVDB:9409)\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000860\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-350.html\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:088\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200409-09.xml\nOther Advisory URL: http://www.cisco.com/warp/public/707/cisco-sa-20040831-krb5.shtml\nOther Advisory URL: http://www.debian.org/security/2004/dsa-543\nISS X-Force ID: 17158\n[CVE-2004-0643](https://vulners.com/cve/CVE-2004-0643)\nCERT VU: 866472\n", "modified": "2004-08-31T00:00:00", "published": "2004-08-31T00:00:00", "id": "OSVDB:9408", "href": "https://vulners.com/osvdb/OSVDB:9408", "title": "MIT Kerberos 5 krb524d krb5_rd_cred() Arbitrary Code Execution", "type": "osvdb", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:04", "bulletinFamily": "software", "cvelist": ["CVE-2004-0644"], "edition": 1, "description": "## Vulnerability Description\nMIT Kerberos 5 distribution contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker impersonating a legitimate key distribution center or application server may cause a client program to hang inside an infinite loop via a specially crafted BER encoding and will result in loss of availability of the service.\n## Solution Description\nUpgrade to version krb5-1.3.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nMIT Kerberos 5 distribution contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker impersonating a legitimate key distribution center or application server may cause a client program to hang inside an infinite loop via a specially crafted BER encoding and will result in loss of availability of the service.\n## References:\nVendor Specific Solution URL: http://web.mit.edu/kerberos/advisories/2004-003-patch_1.3.4.txt\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-57631-1)\n[Vendor Specific Advisory URL](http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt)\n[Vendor Specific Advisory URL](http://www-1.ibm.com/support/docview.wss?uid=swg21188222)\nSecurity Tracker: 1011107\n[Secunia Advisory ID:12408](https://secuniaresearch.flexerasoftware.com/advisories/12408/)\n[Secunia Advisory ID:12412](https://secuniaresearch.flexerasoftware.com/advisories/12412/)\n[Secunia Advisory ID:12503](https://secuniaresearch.flexerasoftware.com/advisories/12503/)\n[Secunia Advisory ID:12414](https://secuniaresearch.flexerasoftware.com/advisories/12414/)\n[Secunia Advisory ID:12413](https://secuniaresearch.flexerasoftware.com/advisories/12413/)\n[Secunia Advisory ID:12411](https://secuniaresearch.flexerasoftware.com/advisories/12411/)\n[Secunia Advisory ID:12410](https://secuniaresearch.flexerasoftware.com/advisories/12410/)\n[Secunia Advisory ID:13612](https://secuniaresearch.flexerasoftware.com/advisories/13612/)\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000860\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-350.html\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:088\nOther Advisory URL: http://www.cisco.com/warp/public/707/cisco-sa-20040831-krb5.shtml\nOther Advisory URL: http://www.debian.org/security/2004/dsa-543\n[CVE-2004-0644](https://vulners.com/cve/CVE-2004-0644)\n", "modified": "2004-08-31T00:00:00", "published": "2004-08-31T00:00:00", "id": "OSVDB:9406", "href": "https://vulners.com/osvdb/OSVDB:9406", "title": "MIT Kerberos 5 ASN.1 Decoder DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:04", "bulletinFamily": "software", "cvelist": ["CVE-2004-0642"], "edition": 1, "description": "## Vulnerability Description\nMIT Kerberos 5 contains a flaw related to a double free in the KDC ASN.1 error handling code that may allow an attacker to run privileged code of the attackers choosing. MIT note that no published means of exploiting a double free is known, impying that a real world exploit would be difficult at best. Should this feat be achieved, a complete Kerberos realm could be compromised.\n## Solution Description\nUpgrade to version 1.3.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as the fix is complex and affects library code as well as executables.\n## Short Description\nMIT Kerberos 5 contains a flaw related to a double free in the KDC ASN.1 error handling code that may allow an attacker to run privileged code of the attackers choosing. MIT note that no published means of exploiting a double free is known, impying that a real world exploit would be difficult at best. Should this feat be achieved, a complete Kerberos realm could be compromised.\n## References:\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-57631-1)\n[Vendor Specific Advisory URL](http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt)\n[Vendor Specific Advisory URL](http://www-1.ibm.com/support/docview.wss?uid=swg21188222)\nSecurity Tracker: 1011106\n[Secunia Advisory ID:12408](https://secuniaresearch.flexerasoftware.com/advisories/12408/)\n[Secunia Advisory ID:12412](https://secuniaresearch.flexerasoftware.com/advisories/12412/)\n[Secunia Advisory ID:12503](https://secuniaresearch.flexerasoftware.com/advisories/12503/)\n[Secunia Advisory ID:12694](https://secuniaresearch.flexerasoftware.com/advisories/12694/)\n[Secunia Advisory ID:12414](https://secuniaresearch.flexerasoftware.com/advisories/12414/)\n[Secunia Advisory ID:12413](https://secuniaresearch.flexerasoftware.com/advisories/12413/)\n[Secunia Advisory ID:12411](https://secuniaresearch.flexerasoftware.com/advisories/12411/)\n[Secunia Advisory ID:12410](https://secuniaresearch.flexerasoftware.com/advisories/12410/)\n[Secunia Advisory ID:12457](https://secuniaresearch.flexerasoftware.com/advisories/12457/)\n[Secunia Advisory ID:13612](https://secuniaresearch.flexerasoftware.com/advisories/13612/)\n[Related OSVDB ID: 9408](https://vulners.com/osvdb/OSVDB:9408)\n[Related OSVDB ID: 9409](https://vulners.com/osvdb/OSVDB:9409)\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000860\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-350.html\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:088\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200409-09.xml\nOther Advisory URL: http://www.cisco.com/warp/public/707/cisco-sa-20040831-krb5.shtml\nOther Advisory URL: http://www.debian.org/security/2004/dsa-543\n[CVE-2004-0642](https://vulners.com/cve/CVE-2004-0642)\nCERT VU: 795632\n", "modified": "2004-08-31T00:00:00", "published": "2004-08-31T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:9407", "id": "OSVDB:9407", "title": "MIT Kerberos 5 Double-free Error Condition Code Execution", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}