| Name: kerberos5 | Distribution: Trustix Secure Linux |
| Version: 1.4.1 | Vendor: Comodo Trustix |
| Release: 10tr | Build date: Mon Sep 10 08:42:59 2007 |
| Group: Trustix Official | Build host: ttrmgtnived.comodo.net |
| Size: 1260940 | Source RPM: kerberos5-1.4.1-10tr.src.rpm |
| Packager: Comodo Trustix <http://www.trustix.com> | |
| Url: http://web.mit.edu/kerberos | |
| Summary: Kerberos is a network authentication protocol. | |
(MIT) Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.
Distributable
* Mon Sep 10 2007 Nived Gopalan <nived at trustix dot org> 1.4.1-10tr
- SECURITY Fix: A boundary error within the implementation of the
RPCSEC_GSS authentication type exists in the "svcauth_gss_validate()"
function in src/lib/rpc/svc_auth_gss.c. This can be exploited to
cause a stack-based buffer overflow by sending a specially crafted
RPC message to a vulnerable server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-3999 to this issue.
* Thu Jun 28 2007 Nived Gopalan <nived at trustix dot org> 1.4.1-9tr
- SECURITY Fix: Some vulnerabilities have been reported in Kerberos,
which can be exploited by malicious users to compromise a vulnerable
system.
- An error exists within the "gssrpc__svcauth_gssapi" function in the
RPC library, which can cause kadmind and possibly other third-party
products to free an uninitialised pointer when receiving an RPC
credential with a length of zero.
- A signedness error exists within the "gssrpc__svcauth_unix()" function
in the RPC library, which is used by kadmind and possibly other
third-party products. This can be exploited to cause a stack-based
buffer overflow.
- Fixes stack-based buffer overflow error in kadmind within the
rename_principal_2_svc function which could allow remote authenticated
users to execute arbitrary code via a crafted request to rename a
principal.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-2442, CVE-2007-2443 and CVE-2007-2798
to these issues.
* Thu Apr 05 2007 Nived Gopalan <nived at trustix dot org> 1.4.1-8tr
- SECURITY Fix: Some vulnerabilities have been reported in Kerberos,
which can be exploited by malicious users to cause a DoS or
compromise a vulnerable system.
- An error exists in the MIT krb5 telnet daemon when processing the
username. This can be exploited to log in as an arbitrary user by
providing a specially crafted username beginning with "-e".
- A boundary error exists in the "krb5_klog_syslog()" function within
the kadm5 library, which is used by KDC, kadmind and probably other
third party products. This can be exploited to cause a stack-based
buffer overflow via an overly long string.
- A double-free error exists in the "kg_unseal_v1()" function within
the MIT krb5 GSS-API library, which can potentially be exploited to
execute arbitrary code, but requires valid credentials.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-0956, CVE-2007-0957 and CVE-2007-1216
to these issues.
* Tue Jan 16 2007 Bipin S <bipin at trustix dot org> 1.4.1-7tr
- Security Fix: The RPC library used in Kerberos administration daemon
(kadmind) and other products that use this library, calls an
uninitialized function pointer in freed memory, which allows remote
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via unspecified vectors.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2006-6143 to this issue.
* Mon Jan 30 2006 Nived Gopalan <nived at trustix dot org> 1.4.1-6tr
- Added Requires libcom_err-devel for devel package.
* Wed Jul 13 2005 Bipin S <bipin at comodo dot com> 1.4.1-5tr
- Double-free in krb5_recvauth (CAN-2005-1689).
Buffer overflow, Heap corruption in KDC (CAN-2005-1174) and (CAN-2005-1175)
Fixed Bug# 1073 and 1075
* Thu Jun 30 2005 Hasher Jamaludeen <hasher at comodo dot com> 1.4.1-4tr
- Security Fix: Fix for CAN-2004-0175 to krb5 rcp based on Markus Friedl's
fix for OpenSSH scp.
* Wed Apr 27 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 1.4.1-2tr
- Added gcc4 patch
* Sat Apr 23 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 1.4.1-1tr
- New Upstream
* Mon Apr 11 2005 Raghu <raghu at comodo dot com> 1.4-1tr
- New Upstream
* Thu Mar 17 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 1.3.6-4tr
- Rebuilt against Official Glibc-2.3.4
* Thu Mar 10 2005 Erlend Midttun <erlendbm at trustix dot org> 1.3.6-3tr
- Nuke installed but not packaged file.
* Tue Dec 21 2004 Erlend Midttun <erlendbm at trustix dot org> 1.3.6-2tr
- New upstream.
* Mon Nov 01 2004 Oystein Viggen <oysteivi at trustix dot com> 1.3.5-2tr
- Patch tempfile issue
* Fri Sep 24 2004 Syed Shabir <syedshabir at comodo dot com> 1.3.5-1tr
- New upstream with updated security bugs
* Wed Sep 01 2004 Oystein Viggen <oysteivi at trustix dot com> 1.3.4-2tr
- Patch security bugs
* Thu Jun 17 2004 Chr. Toldnes <christht at trustix dot org> 1.3.4-1tr
- New upstream version: 1.3.4
* Wed Jun 02 2004 Chr. Toldnes <christht at trustix dot org> 1.3.3-1tr
- New upstream version: 1.3.3
- Added patch to fix buffer overflow.
* Wed Feb 11 2004 Tor Hveem <torh at trustix dot org> 1.3.1-4th
- Fixed stupid error with file wildcards.
* Tue Feb 10 2004 Tor Hveem <torh at trustix dot org> 1.3.1-3th
- New package libs.
* Mon Feb 09 2004 Chr. Toldnes <christht at trustix dot org> 1.3.1-2tr
- Use system et (libcom_err)
* Mon Feb 09 2004 Chr. Toldnes <christht at trustix dot org> 1.3.1-1tr
- Initial release for Trustix
- built shared :) with no stack protection :(
/usr/bin/gss-client
/usr/bin/krb5-config
/usr/bin/krb524init
/usr/bin/krb5ftp
/usr/bin/krb5kdestroy
/usr/bin/krb5kinit
/usr/bin/krb5klist
/usr/bin/krb5kpasswd
/usr/bin/krb5ksu
/usr/bin/krb5kvno
/usr/bin/krb5rcp
/usr/bin/krb5rlogin
/usr/bin/krb5rsh
/usr/bin/krb5telnet
/usr/bin/krb5v4rcp
/usr/bin/sclient
/usr/bin/sim_client
/usr/bin/uuclient
/usr/sbin/gss-server
/usr/sbin/k5srvutil
/usr/sbin/kadmin
/usr/sbin/kadmin.local
/usr/sbin/kadmind
/usr/sbin/kdb5_util
/usr/sbin/krb5-send-pr
/usr/sbin/krb524d
/usr/sbin/krb5ftpd
/usr/sbin/krb5kdc
/usr/sbin/krb5klogind
/usr/sbin/krb5kprop
/usr/sbin/krb5kpropd
/usr/sbin/krb5kshd
/usr/sbin/krb5telnetd
/usr/sbin/ktutil
/usr/sbin/login.krb5
/usr/sbin/sim_server
/usr/sbin/sserver
/usr/sbin/uuserver
/usr/share/examples/krb5/kdc.conf
/usr/share/examples/krb5/krb5.conf
/usr/share/examples/krb5/services.append
/usr/share/gnats
/usr/share/gnats/mit
/usr/share/man/man1/kerberos.1.gz
/usr/share/man/man1/krb5-config.1.gz
/usr/share/man/man1/krb5-send-pr.1.gz
/usr/share/man/man1/krb5ftp.1.gz
/usr/share/man/man1/krb5kdestroy.1.gz
/usr/share/man/man1/krb5kinit.1.gz
/usr/share/man/man1/krb5klist.1.gz
/usr/share/man/man1/krb5kpasswd.1.gz
/usr/share/man/man1/krb5ksu.1.gz
/usr/share/man/man1/krb5kvno.1.gz
/usr/share/man/man1/krb5rcp.1.gz
/usr/share/man/man1/krb5rlogin.1.gz
/usr/share/man/man1/krb5rsh.1.gz
/usr/share/man/man1/krb5telnet.1.gz
/usr/share/man/man1/krb5v4rcp.1.gz
/usr/share/man/man1/sclient.1.gz
/usr/share/man/man1/tmac.doc.gz
/usr/share/man/man5/kdc.conf.5.gz
/usr/share/man/man5/krb5.conf.5.gz
/usr/share/man/man8/k5srvutil.8.gz
/usr/share/man/man8/kadmin.8.gz
/usr/share/man/man8/kadmin.local.8.gz
/usr/share/man/man8/kadmind.8.gz
/usr/share/man/man8/kdb5_util.8.gz
/usr/share/man/man8/krb524d.8.gz
/usr/share/man/man8/krb5ftpd.8.gz
/usr/share/man/man8/krb5kdc.8.gz
/usr/share/man/man8/krb5klogind.8.gz
/usr/share/man/man8/krb5kprop.8.gz
/usr/share/man/man8/krb5kpropd.8.gz
/usr/share/man/man8/krb5kshd.8.gz
/usr/share/man/man8/krb5telnetd.8.gz
/usr/share/man/man8/ktutil.8.gz
/usr/share/man/man8/login.krb5.8.gz
/usr/share/man/man8/sserver.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon May 13 04:04:15 2013