[DLA 37-1] krb5 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Package : krb5
Version : 1.8.3+dfsg-4squeeze8
CVE ID : CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344
CVE-2014-4345
Debian Bug : #753624 #753625 #755520 #755521 #757416
Several vulnerabilities were discovered in krb5, the MIT implementation
of Kerberos. The Common Vulnerabilities and Exposures project identifies
the following problems:
CVE-2014-4341
An unauthenticated remote attacker with the ability to inject
packets into a legitimately established GSSAPI application session
can cause a program crash due to invalid memory references when
attempting to read beyond the end of a buffer.
CVE-2014-4342
An unauthenticated remote attacker with the ability to inject
packets into a legitimately established GSSAPI application session
can cause a program crash due to invalid memory references when
reading beyond the end of a buffer or by causing a null pointer
dereference.
CVE-2014-4343
An unauthenticated remote attacker with the ability to spoof packets
appearing to be from a GSSAPI acceptor can cause a double-free
condition in GSSAPI initiators (clients) which are using the SPNEGO
mechanism, by returning a different underlying mechanism than was
proposed by the initiator. A remote attacker could exploit this flaw
to cause an application crash or potentially execute arbitrary code.
CVE-2014-4344
An unauthenticated or partially authenticated remote attacker can
cause a NULL dereference and application crash during a SPNEGO
negotiation by sending an empty token as the second or later context
token from initiator to acceptor.
CVE-2014-4345
When kadmind is configured to use LDAP for the KDC database, an
authenticated remote attacker can cause it to perform an
out-of-bounds write (buffer overflow).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFT8jsf02K2KlS5mJARAhCMAKCUQCl8BrlxIppUztn4QjHZ21Hk9ACfRv0F
U2pf655Pe039aKQvZomezl0=
=RKvF
-----END PGP SIGNATURE-----
Reply to: