安全研究
安全漏洞
MIT Kerberos 5 KAdminD服务程序SVCAuth_GSS_Validate远程栈溢出漏洞
发布日期:2007-09-04
更新日期:2007-09-05
受影响系统:
MIT Kerberos 5 5-1.4 - 5-1.6.2不受影响系统:
MIT Kerberos 5 5-1.6.3描述:
BUGTRAQ ID: 25534
CVE(CAN) ID: CVE-2007-3999,CVE-2007-4743
Kerberos是一款广泛使用的使用强壮的加密来验证客户端和服务器端的网络协议。MIT Kerberos 5是一种常用的开源Kerberos实现。
Kerberos的RPC程序库在处理RPCSEC_GSS认证时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。
MIT krb5 Kerberos管理守护程序(kadmind)在实现RPCSEC_GSS认证时没有执行充分的长度检查便将不可信任的数据拷贝到了栈缓冲区。src/lib/rpc/svc_auth_gss.c文件的svcauth_gss_validate()函数用于认证入站的RPC消息,该函数中的memcpy()将很多字节拷贝到了128字节长的栈缓冲区rpchdr,具体长度取决于RPC头,是攻击者可控的。xdr_callmsg()调用提供svcauth_gss_validate()所使用的解码后的rpc_msg结构,确保所提供的长度不会超过MAX_AUTH_BYTES(400字节),但目标缓冲区小于这个大小,因此可能被溢出。
在完成RPC消息认证之前就会执行有漏洞的代码,因此无须认证便可利用这个漏洞触发溢出,导致执行任意代码。请注意这是krb5所使用的RPC库中的漏洞,而不是Kerberos协议本身的漏洞。
<*来源:Tenable Network Security (http://www.tenablesecurity.com/)
链接:http://marc.info/?l=bugtraq&m=118893405627799&w=2
http://www.kb.cert.org/vuls/id/883632
http://secunia.com/advisories/26676/
http://marc.info/?l=bugtraq&m=118963288603114&w=2
https://www.redhat.com/support/errata/RHSA-2007-0858.html
http://security.gentoo.org/glsa/glsa-200709-01.xml
http://www.debian.org/security/2007/dsa-1367
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1&searchclause=
https://www.redhat.com/support/errata/RHSA-2007-0892.html
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1367-2)以及相应补丁:
DSA-1367-2:New krb5 packages fix arbitrary code execution
链接:http://www.debian.org/security/2007/dsa-1367
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch4.dsc
Size/MD5 checksum: 876 77cfeed4304b589e90db0651c8350d92
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch4.diff.gz
Size/MD5 checksum: 1589790 dab0c692e09564434a645b13646e5fdd
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz
Size/MD5 checksum: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a
Architecture independent components:
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch4_all.deb
Size/MD5 checksum: 1811994 3ff6393e824c3416fd36a8e4ad245d42
Alpha architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 89472 d43903519a6ec1d6ff2dbd6bbececf36
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 245448 b6d7648b9c4827e6c4035695877e200c
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 65734 829a6d48898b98cc76e85dab102750e1
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 154880 fe3448535d05825b20833b94580074d1
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 91454 3b744955a52022455e1bb813705a860f
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 75942 46c14d351ed56c88960d2bd3a20779b4
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 135934 3ab40ecc6dd191f45ae03a8582945932
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 216080 66abe9f8c7503b6681fa29cf59974d0f
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 1087408 240be01391324069e9af19c8117af443
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 1016762 291da65300001e7fc24205be3bd493d1
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_alpha.deb
Size/MD5 checksum: 460840 e648f5f29d66b15eddceb176570440ab
AMD64 architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 83740 05058bd16775b4fe89e47afb14058ea7
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 221734 edc3f9d1a135e39aafbc16e918ee8a7b
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 61952 956dd0cfb2dd16f2524375cc3f357044
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 142098 29af8744c756aefa5c77f19c3c5a332e
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 86538 a60480f71dd39c72eb51cb404802dea3
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 68058 d2de9ab6bd56fb8add00edac92d8da56
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 131122 6b9502cec3a397c29be7ff206197d6d4
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 190364 2ea3ccdaa871aa0fb53edb93636f26b1
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 1070666 d1923d1bf7360747887944c2729368eb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 767018 63738fc882e783ed30a023b6b38545b6
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_amd64.deb
Size/MD5 checksum: 426954 5701d1434fb198f26220f84f928ed945
ARM architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 78634 416ea01d845105f503ddf99c7758676f
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 206074 0f5bd2d2c55fea123a21a16a7efc02e7
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 59630 81ab701d038f60e2abcd2aebbf53fc31
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 135836 78a0a1fc05dbf1918b6c865449a35d74
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 81226 f6a57ec4c5d865a604f58bfc93d96e6a
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 63232 b392da99a08aea4254d40695e4a53125
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 123352 82aa11476a1bf7feb01dbc356c5f4420
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 172918 f30e6b728ec9d0546ba465c19344b068
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 1013404 1b12de71659a6cd2689fcf3a85cd869e
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 682412 5b0c452f8114da126a480943330c5ead
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_arm.deb
Size/MD5 checksum: 389864 029eb817220bebdc856a8810b57cdabb
HP Precision architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 85108 7c46b2323311c7b4a2de491e773a1e2a
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 231894 eda1dac6e62fea03078e68a5397dbde5
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 64016 368ee737857838a4bd7df4985e4ae5c5
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 144862 46266e20a606556d02e69fd6cb93e078
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 87364 22bf8eccb84d3a03c21a59eef3f7e89b
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 69500 e757474d2b1a6d6b938918b0b1dee849
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 132570 90161d70941d761f16923cbb62e7a9e4
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 201042 4aa10dc30dbbde41ef4ef7e87cc3edd5
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 1050428 8c78a8070e4ab6f2fe658d33a2bee329
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 815018 7ecfb1b5fed89b86eb887f8ef18b421f
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_hppa.deb
Size/MD5 checksum: 441492 e4f1e64d39620ae7833cfe4b66888256
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 78428 bd239c7c1e581d536ab837555ffcc571
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 196348 1ce07d159debed55529619751319852d
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 57880 9611a24da9801795af3940726b5dbd52
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 133104 cffd0607acb39ba19114033f56df64ef
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 80138 4b5b3aecc77bdbe694ffb9662b645e01
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 62258 171bf997e6f76cc2af8ed1074c39b3a3
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 124050 6f2032256a5d8ab0027fc5b215b04b7e
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 173912 650dcfae2ec55e8ce1e27d787b541f39
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 1037652 6793e0d117eb4280b7151e5300591fb3
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 679996 bbc574665eb918ae649c648cfe26e1b1
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_i386.deb
Size/MD5 checksum: 408204 2f3c3ea0f2765acb9885e0a33647ba0d
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 105390 d3e7d363f5f2d5797c6a6e6c4c7b5b24
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 305704 b88a1549ed9e17426e54560e37f54fd6
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 80132 1513646f1982780f506438f4e59fcce6
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 190398 187339122b125b53f825247512c33af9
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 113024 176ced8c8d0feb08cd196cc5048fa0d6
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 91130 1a4c299f0aa8d4869d1db2f5fb45b199
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 164426 73b649f11cad11e4616dde7e2cf6e7b4
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 269330 bac1521397f2e5135b4a530d58c0ada5
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 1043480 1eb9773aa0dda3f2dc28e2580b9b188e
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 1088228 8f4e27b8a611395ec50486a7defa9ea4
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_ia64.deb
Size/MD5 checksum: 592030 64d88b36c4dbe1b2988397d7d4f957d0
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 82456 ac210eb5d8751714a29ffabed046addd
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 232588 c0d59b0f2e4f33c61d3eeefbae13c0ed
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 63630 a58db5a76768de5f756f72cdbf1836f1
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 145690 d43fd52f894d1038912174b11728a228
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 87268 2bdd27fd0e7a063d890292ac3ffd34d4
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 71406 c057d0abfb0314545c450f8b14c66bfc
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 130940 07fb2c972dc9bb7d8391f1b4e74ed6ed
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 179248 b6e2df454b9c06fd852941729f37540a
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 1087180 beacba076f641de0884a8b9d028d26ea
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 810128 4f337508fd9603ed5dc8145d89808788
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_mipsel.deb
Size/MD5 checksum: 391640 173c49364a618e0e05caaf92e1190fdf
PowerPC architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 84186 b89e7b3dc17ceee46db2680ccaff3497
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 222588 7f4e321936c8791f377b1c4be01dd8e9
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 61746 80c86dfd14c9676770254001927c226b
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 143734 a8062bb672284dc7a52abb052e23510f
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 86682 3b00ae318fbf6266545bbced5f21143d
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 67206 8cda9e39e2239cbb42595662cb3b0fe1
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 137116 a1f0a69e71059daa30c3b96f320356ee
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 179360 5533e34cf7191c040313ca9c128ec67f
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 1082964 3bab4542704af8be4b25279ae8d7114c
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 753246 0b3b3bac6d80d2e8d3cdd08a688e7576
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_powerpc.deb
Size/MD5 checksum: 399188 7aed72cc64abf2dc81fe757fe7b826f9
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 81920 9087f8f415f04b4afaf3c241a6115927
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 224244 b7c4073795b0e7da887ba23f8d228d77
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 63194 e40904f3e31d15c2cc17644a84aaf4d5
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 140200 938c654fee7f9e2be442fa7de35ee8ea
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 87682 e63a3debfcf3f8fd551cd11229cae9a6
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 68596 2df459e41b1760036bda76e6626568f4
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 129096 0f44e8f301b21d2f9555184a0c49fa32
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 195272 f2c452d3cfc7e4fb00db2bb03e95360e
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 1073310 3e0c9e2e75f582616c1f1b56d2d437e9
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 733190 f9d3c0fb763df094c71e71cedc8ec9a8
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_s390.deb
Size/MD5 checksum: 438800 c37cede38b1b03441ce8ef718f758902
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 76946 b9aa5782f59af4204fe03c352ed22206
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 200100 59d4fbe32ca621ad68182e08af917b99
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 58048 20ae6c32dd3c2e7df8299e456c6d6c0c
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 131512 cf6db30decf1954be86f7a3d20f43e3d
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 78042 9120d943bc4c64d45af1e16c8a16ae41
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 63608 47d94f9abb71bbddeebaec2b1fc7422d
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 122880 05b90a8383c57db1fb116ac879d3fe85
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 166456 088585f74d4eba4bf720b3e4b4090eee
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 961738 c3477afbbfebfd2e8f9ce17e13e27d1c
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 680196 d2c91a8c44f48d7ef7124557f2412132
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_sparc.deb
Size/MD5 checksum: 372476 81cb5f92cf2d69b6fa610a39d40c77a2
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
MIT
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://web.mit.edu/kerberos/advisories/2007-006-patch.txt.asc
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2007:0892-01)以及相应补丁:
RHSA-2007:0892-01:Important: krb5 security update
链接:https://www.redhat.com/support/errata/RHSA-2007-0892.html
Sun
---
Sun已经为此发布了一个安全公告(Sun-Alert-103060)以及相应补丁:
Sun-Alert-103060:Security Vulnerability in RPCSEC_GSS (rpcsec_gss(3NSL)) Affects Kerberos Administration Daemon (kadmind(1M))
链接:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1&searchclause=
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200709-01)以及相应补丁:
GLSA-200709-01:MIT Kerberos 5: Multiple vulnerabilities
链接:http://security.gentoo.org/glsa/glsa-200709-01.xml
所有MIT Kerberos 5用户都应升级大师哦最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose ">=3Dapp-crypt/mit-krb5-1.5.3-r1"
浏览次数:3533
严重程度:0(网友投票)
绿盟科技给您安全的保障