(RHSA-2009:0409) Important: krb5 security update

2009-04-0700:00:00

access.redhat.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.932 High

EPSS

Percentile

98.8%

JSON

Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third party, the Key Distribution Center (KDC).

An input validation flaw was found in the ASN.1 (Abstract Syntax Notation
One) decoder used by MIT Kerberos. A remote attacker could use this flaw to
crash a network service using the MIT Kerberos library, such as kadmind or
krb5kdc, by causing it to dereference or free an uninitialized pointer.
(CVE-2009-0846)

All krb5 users should upgrade to these updated packages, which contain a
backported patch to correct this issue. All running services using the MIT
Kerberos libraries must be restarted for the update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat4ia64krb5-libs< 1.3.4-60.el4_7.2krb5-libs-1.3.4-60.el4_7.2.ia64.rpm
RedHat4s390krb5-libs< 1.3.4-60.el4_7.2krb5-libs-1.3.4-60.el4_7.2.s390.rpm
RedHat4i386krb5-devel< 1.3.4-60.el4_7.2krb5-devel-1.3.4-60.el4_7.2.i386.rpm
RedHat4s390xkrb5-workstation< 1.3.4-60.el4_7.2krb5-workstation-1.3.4-60.el4_7.2.s390x.rpm
RedHat4ppckrb5-workstation< 1.3.4-60.el4_7.2krb5-workstation-1.3.4-60.el4_7.2.ppc.rpm
RedHat4x86_64krb5-workstation< 1.3.4-60.el4_7.2krb5-workstation-1.3.4-60.el4_7.2.x86_64.rpm
RedHat4x86_64krb5-libs< 1.3.4-60.el4_7.2krb5-libs-1.3.4-60.el4_7.2.x86_64.rpm
RedHat4ia64krb5-workstation< 1.3.4-60.el4_7.2krb5-workstation-1.3.4-60.el4_7.2.ia64.rpm
RedHat4ia64krb5-server< 1.3.4-60.el4_7.2krb5-server-1.3.4-60.el4_7.2.ia64.rpm
RedHat4ppckrb5-server< 1.3.4-60.el4_7.2krb5-server-1.3.4-60.el4_7.2.ppc.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	4	ia64	krb5-libs	< 1.3.4-60.el4_7.2	krb5-libs-1.3.4-60.el4_7.2.ia64.rpm
RedHat	4	s390	krb5-libs	< 1.3.4-60.el4_7.2	krb5-libs-1.3.4-60.el4_7.2.s390.rpm
RedHat	4	i386	krb5-devel	< 1.3.4-60.el4_7.2	krb5-devel-1.3.4-60.el4_7.2.i386.rpm
RedHat	4	s390x	krb5-workstation	< 1.3.4-60.el4_7.2	krb5-workstation-1.3.4-60.el4_7.2.s390x.rpm
RedHat	4	ppc	krb5-workstation	< 1.3.4-60.el4_7.2	krb5-workstation-1.3.4-60.el4_7.2.ppc.rpm
RedHat	4	x86_64	krb5-workstation	< 1.3.4-60.el4_7.2	krb5-workstation-1.3.4-60.el4_7.2.x86_64.rpm
RedHat	4	x86_64	krb5-libs	< 1.3.4-60.el4_7.2	krb5-libs-1.3.4-60.el4_7.2.x86_64.rpm
RedHat	4	ia64	krb5-workstation	< 1.3.4-60.el4_7.2	krb5-workstation-1.3.4-60.el4_7.2.ia64.rpm
RedHat	4	ia64	krb5-server	< 1.3.4-60.el4_7.2	krb5-server-1.3.4-60.el4_7.2.ia64.rpm
RedHat	4	ppc	krb5-server	< 1.3.4-60.el4_7.2	krb5-server-1.3.4-60.el4_7.2.ppc.rpm