Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2016:0429-1

Опубликовано: 11 фев. 2016
Источник: suse-cvrf

Описание

Security update for krb5

This update for krb5 fixes the following issues:

  • CVE-2015-8629: Information leak authenticated attackers with permissions to modify the database (bsc#963968)
  • CVE-2015-8630: An authenticated attacker with permission to modify a principal entry may have caused kadmind to crash (bsc#963964)
  • CVE-2015-8631: An authenticated attacker could have caused a memory leak in auditd by supplying a null principal name in request (bsc#963975)

Список пакетов

SUSE Linux Enterprise Desktop 12
krb5-1.12.1-25.1
krb5-32bit-1.12.1-25.1
krb5-client-1.12.1-25.1
SUSE Linux Enterprise Desktop 12 SP1
krb5-1.12.1-25.1
krb5-32bit-1.12.1-25.1
krb5-client-1.12.1-25.1
SUSE Linux Enterprise Server 12
krb5-1.12.1-25.1
krb5-32bit-1.12.1-25.1
krb5-client-1.12.1-25.1
krb5-doc-1.12.1-25.1
krb5-plugin-kdb-ldap-1.12.1-25.1
krb5-plugin-preauth-otp-1.12.1-25.1
krb5-plugin-preauth-pkinit-1.12.1-25.1
krb5-server-1.12.1-25.1
SUSE Linux Enterprise Server 12 SP1
krb5-1.12.1-25.1
krb5-32bit-1.12.1-25.1
krb5-client-1.12.1-25.1
krb5-doc-1.12.1-25.1
krb5-plugin-kdb-ldap-1.12.1-25.1
krb5-plugin-preauth-otp-1.12.1-25.1
krb5-plugin-preauth-pkinit-1.12.1-25.1
krb5-server-1.12.1-25.1
SUSE Linux Enterprise Server for SAP Applications 12
krb5-1.12.1-25.1
krb5-32bit-1.12.1-25.1
krb5-client-1.12.1-25.1
krb5-doc-1.12.1-25.1
krb5-plugin-kdb-ldap-1.12.1-25.1
krb5-plugin-preauth-otp-1.12.1-25.1
krb5-plugin-preauth-pkinit-1.12.1-25.1
krb5-server-1.12.1-25.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
krb5-1.12.1-25.1
krb5-32bit-1.12.1-25.1
krb5-client-1.12.1-25.1
krb5-doc-1.12.1-25.1
krb5-plugin-kdb-ldap-1.12.1-25.1
krb5-plugin-preauth-otp-1.12.1-25.1
krb5-plugin-preauth-pkinit-1.12.1-25.1
krb5-server-1.12.1-25.1
SUSE Linux Enterprise Software Development Kit 12
krb5-devel-1.12.1-25.1
SUSE Linux Enterprise Software Development Kit 12 SP1
krb5-devel-1.12.1-25.1

Ссылки

Описание

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:krb5-1.12.1-25.1
SUSE Linux Enterprise Desktop 12 SP1:krb5-32bit-1.12.1-25.1
SUSE Linux Enterprise Desktop 12 SP1:krb5-client-1.12.1-25.1
SUSE Linux Enterprise Desktop 12:krb5-1.12.1-25.1
Ссылки

Описание

The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:krb5-1.12.1-25.1
SUSE Linux Enterprise Desktop 12 SP1:krb5-32bit-1.12.1-25.1
SUSE Linux Enterprise Desktop 12 SP1:krb5-client-1.12.1-25.1
SUSE Linux Enterprise Desktop 12:krb5-1.12.1-25.1
Ссылки

Описание

Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:krb5-1.12.1-25.1
SUSE Linux Enterprise Desktop 12 SP1:krb5-32bit-1.12.1-25.1
SUSE Linux Enterprise Desktop 12 SP1:krb5-client-1.12.1-25.1
SUSE Linux Enterprise Desktop 12:krb5-1.12.1-25.1
Ссылки