krb5 security update
FTP access is not possible with a web browser.
Document number: 1206432070
Updated: 2008.03.25
Details
1.3.4-54.1 update
- fixed CVE-2007-5971
- fixed CVE-2008-0062
- fixed CVE-2008-0063
CVE-2007-5971:
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in
lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and
attack vectors.
CVE-2008-0062:
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4
message types, which allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via crafted messages that trigger
a NULL pointer dereference or double-free.
CVE-2008-0063:
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly
clear the unused portion of a buffer when generating an error message, which
might allow remote attackers to obtain sensitive information, aka
"Uninitialized stack values."
Autoupdates support: Packages System
pkgadd -F "krb5*"
Update packages
RPMS :
. krb5-libs-1.3.4-54.1.i686.rpm
. krb5-server-1.3.4-54.1.i686.rpm
. krb5-workstation-1.3.4-54.1.i686.rpm
. krb5-devel-1.3.4-54.1.i686.rpm
SRPMS :
. krb5-1.3.4-54.1.src.rpm
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063