=========================================================== Ubuntu Security Notice USN-879-1 January 06, 2010 krb5 vulnerability CVE-2009-3295 ===========================================================
A security issue affects the following Ubuntu releases: Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: krb5-kdc 1.7dfsg~beta3-1ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Jeff Blaine, Radoslav Bodo, Jakob Haufe, and Jorgen Wahlsten discovered that the Kerberos Key Distribution Center service did not correctly verify certain network traffic. An unauthenticated remote attacker could send a specially crafted request that would cause the KDC to crash, leading to a denial of service. Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3-1ubuntu0.1.diff.gz Size/MD5: 95600 0f70036295e4f7337d73e01d3b7ddd50 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3-1ubuntu0.1.dsc Size/MD5: 1776 1a5055bfdee2cf24631432e8d8983636 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3.orig.tar.gz Size/MD5: 12235083 5219bf9a5c23d6a1d9d9687b918f632d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.7dfsg~beta3-1ubuntu0.1_all.deb Size/MD5: 2173960 6caa47c3ba8061e554d65f592415d8c7 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 141814 eda6b542418104190e27399553f3d892 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 114192 72041faa19f14aacddc89f16251493aa http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 78406 6ef4f47c746830b751d1a5a7706e6b36 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 109852 ea8b046683279b077616ebe70fb80bb9 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 60558 ef09a9ba4d9a6bdadceb501885f36ed6 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 74144 152af5c5a52a7447dbff180e26d9e72d http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 58378 d4a2fe9589f2f74e12ae92f3d9ced08a http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 353742 d8d61e8f8ea19b3dae6195d21db980c6 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 1496120 c53aa2eee46620c56a76cf54a81c1187 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 100822 3d0aa9a559c299f758a0a063db315624 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 41414 ec8382c8a07348a6f6be876c5fa23690 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 109280 b7a105f9d75e24656100e7a2f8351202 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 217508 f4171a1e642de9ddb2ed158868ac6fd0 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 70410 4b592e17ae38e54e0439ebb7a1bfc5af http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 111496 b3ee0bb8f93f255c3c67898b6c64a031 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 207966 dec2f0580508a7cdd302481aa438e120 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 72146 a8278458c3c895ebedc9261b6a66cb8a http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 85780 51ffc12ffb82ea820bdf0742d918e413 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.1_amd64.deb Size/MD5: 76994 c7ffca80c0c63c9974d43cb2683841dd i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 133034 16017c5f538cd73a6c5ab4e887f2bad8 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 107852 060280eebc2356be51d58455aab21091 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 71838 deeacbd6c8ed12b64c348da8245a9fa4 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 101906 f16b3c9050d1dd7ce6061238a7889ddd http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 57276 2571ebd0ffa3a13f908bf9eb67e0c924 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 69786 ea42861b21c9ef801ee076cae5a6706c http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 55950 fb6a92fbc279f97f8ece2a87fd65297b http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 337126 859d8b4a62da148f70dc78566f2a63cf http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 1477578 63fe0c129a36eea1295ed9ca95a12bd0 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 100848 1cb8492cd3974d358fd0aff7afc70958 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 39550 8c6ca0197f92cd26c61cb663afa35650 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 101430 a524159aad84253013d94e623bf30eba http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 195626 7b6dd1b4f96fa78c3a184fc46a70bacf http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 65224 6faf061c5fd541dd2136f2ea3a0c9b30 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 106142 ea50ee048bd8bd9e97abb3d6647c771e http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 192156 eba58c68cfb33214140b2db81a9ea9e9 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 68848 db36a1d9eb9987d1850e89d740ccbc6b http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 80090 cf8318d426eaf6e86009abc803f35fb2 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.1_i386.deb Size/MD5: 70752 905d6d92b7e23e4aafdee8ae67bd82dc lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 133112 a11227793157afb52a759a04538e8c93 http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 107008 899e2d1e1b3aa9c2cdb60996ee0a32c9 http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 71252 e8d2f9c66861256682526ffb5866229a http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 102168 25c5beab3acc8477999c7d3b64244408 http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 56792 1e6ab58007a2eb1521ce2c7f596a8a25 http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 69888 cbd025fe863898f17837e51015251e6c http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 55598 6b0905a9661c6cb23bb7064205335d4f http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 334532 b3b9d4b9039010fd0927a59d53c4df86 http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 1498290 937cda431eb453003a3d84cade3b3d5a http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 100830 3b4eece7651f92855f2da5376843d692 http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 39260 b9b5adabb5b4b72bf4ecbba63789abe2 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 101990 31e82aa6dd83165e002b96557feded2f http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 192558 a81339a3a56d74f48a6638f26924e9d5 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 65360 6d32e7908356ba91726ab7cc6970fa8b http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 106228 2f3c03436b6063fcf301957444c817b5 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 192310 b221131242f4ce20420bace756fb3e4f http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 69072 a5a912fe34b0fea9f168aab60280e729 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 79900 bd4a2f2c26235664b3e35841acc29138 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.1_lpia.deb Size/MD5: 71048 500628b0d876d611b4898a85c843c7bb powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 139004 4be83c313c12504f1486a77f3cf03191 http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 112848 e3bc1891d32d7f3b801b941b4e15a66b http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 77370 204bf28af33d688a1fff2a331bd6fba4 http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 116042 2b7b200d4790da9d98a7fb8c9c66fceb http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 58820 14622071b1bdd1f4dcfbc8993f90ea90 http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 73232 8ef42ccceea4ff6bf7f7a206adad11f8 http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 57656 5ef7eee49aad2622175dc511ccd023bf http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 359380 6213040e8b8045ca5194196766b956fb http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 1534332 f394586b8826b6b49e1ce44be7b9dbcb http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 100848 706125e81a03e40bb3d6d3ef5b2513f9 http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 40942 065fa3b04927e3f35b8f4bcc3357d861 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 107138 0ee540d7f40c91c8a1c125dda68a28ec http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 211358 c366db53003eae9fb1712f3aea8ff999 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 69306 5d479a574b0d127c803cbfde1f719d2d http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 111556 7f41a7f6f96120766f63e60a49c307b6 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 205322 0095b018bbab463bf4b99cdc518393b0 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 70620 293d09292c82a317d6991c751fdc888f http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 83386 ea165831a64d3b4a26953edbb345f9f8 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.1_powerpc.deb Size/MD5: 75874 5c05302498c98c1890656b2737f0b9d9 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 136176 4d6c792c757aaa9332af4fc8b4c6c4a7 http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 100576 813459d3611bc897520ca33267ca2e1d http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 70802 c645b90b796be0216ded7982442c441e http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 107748 eec49504685a92ff72a1ec9e64abf051 http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 54852 29bf1e998a8e8a7ce55fa6a9a980bc36 http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 66434 3d75f56f0f3b726e922a69b73ee6dfd8 http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 53826 1dd03702ccc6323b766346d9e10eecb5 http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 323932 e6b5f529ce6e08b056892efddb014ebf http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 1380636 c8502f360d738b3db837aaeee22f29e9 http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 100844 050f042d05ddbb5aff743667ea77f0c2 http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 39160 155fb8b8c54b6fdbc5d53b2874f45bc3 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 103384 1a0e903cff10b57d81d778cc1f0328d7 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 208140 0cd727ac1b5074cf7eb93b31c996c4f5 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 67938 5efae98dfec7dd8de32b94a3811f61b4 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 105088 d69cb063782833f812e8978d46444e3c http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 191872 482bca110aae96a2499ce7703986e3b0 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 64422 d115c7576315885ffb301661cb3c0249 http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 83888 7d6aa6b1e76ce834023d89f75262a77b http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.1_sparc.deb Size/MD5: 72936 f28a758e820a12df37d69d532e3a12d4
signature.asc
Description: Digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/