MIT Kerberos 5 KAdminD Daemon RPC Type Conversion Stack Overflow Vulnerability
Published: 2007-06-26
Updated: 2007-06-27
Affected systems:
MIT Kerberos 5 <= 1.6.1
Unaffected systems:
MIT Kerberos 5 1.6.2
MIT Kerberos 5 1.5.4
Description:
BUGTRAQ ID: 24657
CVE(CAN) ID: CVE-2007-2443
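Kerberos is a widely used network protocol that uses strong cryptography to authenticate clients and servers. MIT Kerberos 5 is a commonly used open-source Kerberos implementation.
Kerberos has a vulnerability in how it handles data type conversion on its RPC interface; a remote attacker could exploit it to take control of the server or cause a denial of service.
In the Kerberos file src/lib/rpc/svc_auth_unix.c, the gssrpc__svcauth_unix() function stores the unsigned integer obtained from IXDR_GET_U_LONG in the signed integer variable str_len and then checks whether str_len is less than MAX_MACHINE_NAME. When a very large unsigned integer is converted to a signed integer, str_len is always negative. Once the length check passes, gssrpc__svcauth_unix() calls memmove() with str_len as the length and a stack buffer as the destination.
This vulnerability is difficult to exploit, because a memmove() implementation that receives such a large value will hit a memory access fault before returning, so the corrupted return address in the overwritten stack frame cannot be used. However, some memmove() implementations may call other procedures, in which case the corrupted return address can be exploited.
A successful attack could result in complete compromise of the Kerberos key database and undermine the security of the KDC host (kadmind usually runs with root privileges); an unsuccessful attack will also crash kadmind.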
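The signed length check described above, next to an unsigned comparison and a bounds-checked parse, as an added example that is not the MIT Kerberos source or the vendor patch. The helper names, the simplified credential layout (a stamp followed by a length-prefixed machine name) and the constructed sample bodies are assumptions, and MAX_MACHINE_NAME is taken as 255.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* 255 in Sun RPC's auth_unix.h; the advisory itself does not state the value. */
#define MAX_MACHINE_NAME 255

/* Big-endian 32-bit read: the unsigned value IXDR_GET_U_LONG hands back. */
static uint32_t xdr_get_u32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Flawed pattern from the advisory: the wire length lands in a signed int
 * and only the upper bound is tested. Returns 1 if the check accepts it. */
static int length_check_signed(uint32_t wire_len)
{
    int str_len = (int)wire_len;   /* values >= 0x80000000 turn negative */
    return !(str_len > MAX_MACHINE_NAME);
}

/* Corrected comparison: the length stays unsigned, so it cannot go negative. */
static int length_check_unsigned(uint32_t wire_len)
{
    return wire_len <= MAX_MACHINE_NAME;
}

/* Hardened parse of a simplified credential body: 4-byte stamp, 4-byte name
 * length, then the name bytes. Returns 0 on success, -1 on rejection. */
static int parse_machine_name(const unsigned char *body, size_t body_len,
                              char *dst, size_t dst_size)
{
    uint32_t str_len;

    if (body_len < 8)
        return -1;                     /* no room for stamp + length */
    str_len = xdr_get_u32(body + 4);
    if (str_len > MAX_MACHINE_NAME)
        return -1;                     /* protocol limit, unsigned compare */
    if (str_len > body_len - 8)
        return -1;                     /* claims more bytes than were received */
    if (str_len >= dst_size)
        return -1;                     /* would not fit with the terminator */
    memmove(dst, body + 8, str_len);
    dst[str_len] = '\0';
    return 0;
}

/* Constructed sample bodies (not captured traffic). */
static const unsigned char GOOD_BODY[] = {
    0x00, 0x00, 0x00, 0x01,            /* stamp */
    0x00, 0x00, 0x00, 0x04,            /* name length = 4 */
    'k', 'd', 'c', '1'
};
static const unsigned char HOSTILE_BODY[] = {
    0x00, 0x00, 0x00, 0x01,
    0xFF, 0xFF, 0xFF, 0xF0,            /* length with the top bit set */
    0x00, 0x00, 0x00, 0x00
};
static const unsigned char SHORT_BODY[] = {
    0x00, 0x00, 0x00, 0x01,
    0x00, 0x00, 0x00, 0x10,            /* claims 16 bytes, only 4 follow */
    'a', 'b', 'c', 'd'
};

static char NAME_OUT[MAX_MACHINE_NAME + 1];

int main(void)
{
    printf("signed check accepts 0xFFFFFFF0:   %d\n",
           length_check_signed(0xFFFFFFF0u));
    printf("unsigned check accepts 0xFFFFFFF0: %d\n",
           length_check_unsigned(0xFFFFFFF0u));
    printf("parse good body:    %d\n",
           parse_machine_name(GOOD_BODY, sizeof GOOD_BODY,
                              NAME_OUT, sizeof NAME_OUT));
    printf("parse hostile body: %d\n",
           parse_machine_name(HOSTILE_BODY, sizeof HOSTILE_BODY,
                              NAME_OUT, sizeof NAME_OUT));
    printf("parse short body:   %d\n",
           parse_machine_name(SHORT_BODY, sizeof SHORT_BODY,
                              NAME_OUT, sizeof NAME_OUT));
    return 0;
}
```

The conversion in length_check_signed() is implementation-defined in C; on the usual two's-complement compilers 0xFFFFFFF0 becomes -16, which is why the upper-bound test alone lets it through.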
<*Source: Wei Wang
Links: http://marc.info/?l=bugtraq&m=118288260615634&w=2
http://www.kb.cert.org/vuls/id/365313
http://secunia.com/advisories/25800/
http://docs.info.apple.com/article.html?artnum=306172
https://www.redhat.com/support/errata/RHSA-2007-0562.html
https://www.redhat.com/support/errata/RHSA-2007-0384.html
http://www.us-cert.gov/cas/techalerts/TA07-177A.html
http://www.debian.org/security/2007/dsa-1323
http://security.gentoo.org/glsa/glsa-200707-11.xml
*>
Recommendations:
Vendor patches:
Debian
------
Debian has released a security advisory (DSA-1323-1) and corresponding patches for this issue:
DSA-1323-1: New krb5 packages fix several vulnerabilities
Link: http://www.debian.org/security/2007/dsa-1323
Patch downloads:
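Patch installation:
1. Install the patch package manually:
First, download the patch package with the following command:
# wget url (url is the patch download link)
Then install the patch with the following command:
# dpkg -i file.deb (file is the name of the corresponding patch package)
2. Install the patch packages automatically with apt-get:
First, update the internal database with the following command:
# apt-get update
Then install the updated packages with the following command:
# apt-get upgrade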
MIT
---
The vendor has released an upgrade patch to fix this security issue; download it from the vendor's site:
http://web.mit.edu/kerberos/advisories/2007-004-patch.txt
http://web.mit.edu/kerberos/advisories/2007-004-patch.txt.asc
RedHat
------
RedHat has released security advisories (RHSA-2007:0562-01, RHSA-2007:0384-01) and corresponding patches for this issue:
RHSA-2007:0384-01: Critical: krb5 security update
Link: https://www.redhat.com/support/errata/RHSA-2007-0384.html
RHSA-2007:0562-01: Important: krb5 security update
Link: https://www.redhat.com/support/errata/RHSA-2007-0562.html
Gentoo
------
Gentoo has released a security advisory (GLSA-200707-11) and corresponding patches for this issue:
GLSA-200707-11: MIT Kerberos 5: Arbitrary remote code execution
Link: http://security.gentoo.org/glsa/glsa-200707-11.xml
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.5.2-r3"
