Package: krb5
Version: 1.1.7-1
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for krb5.

CVE-2007-5971[0]:
| Double-free vulnerability in the gss_krb5int_make_seal_token_v3
| function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has
| unknown impact and attack vectors.

CVE-2007-5902[1]:
| Integer overflow in the svcauth_gss_get_principal function in
| lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have
| an unknown impact via a large length value for a GSS client name in an RPC
| request.

CVE-2007-5901[2]:
| Use-after-free vulnerability in the gss_indicate_mechs function in
| lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact
| and attack vectors. NOTE: this might be the result of a typo in the source
| code.

CVE-2007-5894[3]:
| The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does
| not initialize the length variable when auth_type has a certain value, which
| has unknown impact and remote authenticated attack vectors. NOTE: the original
| disclosure misidentifies the conditions under which the uninitialized variable
| is used.

CVE-2007-5972[4]:
| Double-free vulnerability in the krb5_def_store_mkey function in
| lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and
| remote authenticated attack vectors. NOTE: the free operations occur in code
| that stores the krb5kdc master key, and thus the attacker must have privileges
| to store this key.

CVE-2007-5972 seems to be rather unimportant.
I did not check these vulnerabilities for stable or oldstable.

If you fix these vulnerabilities please also include the CVE id
in your changelog entry.

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.