Report forwarded
to debian-bugs-dist@lists.debian.org, Sam Hartman <hartmans@debian.org>: Bug#567052; Package krb5-admin-server.
(Tue, 26 Jan 2010 22:36:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Sol Jerome <solj@ices.utexas.edu>:
New Bug report received and forwarded. Copy sent to Sam Hartman <hartmans@debian.org>.
(Tue, 26 Jan 2010 22:36:04 GMT) (full text, mbox, link).
Package: krb5-admin-server
Version: 1.6.dfsg.4~beta1-5lenny2
Severity: important
Running 'kadmin' on a remote machine causes the kadmin process to
segfault. Here's a snippet of the backtrace:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fd93b073700 (LWP 2287)]
0x00007fd939b1ec5b in krb5int_get_error () from /usr/lib/libkrb5support.so.0
(gdb) bt full
#0 0x00007fd939b1ec5b in krb5int_get_error () from /usr/lib/libkrb5support.so.0
No symbol table info available.
#1 0x0000000000404c16 in ?? ()
No symbol table info available.
#2 0x00000000004043d5 in ?? ()
No symbol table info available.
#3 0x00007fd93a82afcd in gssrpc_svc_getreqset () from /usr/lib/libgssrpc.so.4
No symbol table info available.
#4 0x0000000000409248 in ?? ()
No symbol table info available.
#5 0x000000000040a125 in ?? ()
No symbol table info available.
#6 0x00007fd9391b31a6 in __libc_start_main () from /lib/libc.so.6
No symbol table info available.
#7 0x00000000004040a9 in ?? ()
No symbol table info available.
#8 0x00007fff3674e458 in ?? ()
No symbol table info available.
#9 0x000000000000001c in ?? ()
No symbol table info available.
#10 0x0000000000000002 in ?? ()
No symbol table info available.
#11 0x00007fff3674ea1d in ?? ()
No symbol table info available.
#12 0x00007fff3674ea2f in ?? ()
No symbol table info available.
#13 0x0000000000000000 in ?? ()
No symbol table info available.
This is with all the latest updates for Lenny 5.0.4. I can also provide
a core dump if necessary.
Sol
Information forwarded
to debian-bugs-dist@lists.debian.org, Sam Hartman <hartmans@debian.org>: Bug#567052; Package krb5-admin-server.
(Thu, 25 Feb 2010 04:03:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Tom Yu <tlyu@MIT.EDU>:
Extra info received and forwarded to list. Copy sent to Sam Hartman <hartmans@debian.org>.
(Thu, 25 Feb 2010 04:03:05 GMT) (full text, mbox, link).
retitle 567052 kadmind segfault
forwarded 567052 http://krbdev.mit.edu/rt/Ticket/Display.html?id=5998
tags 567052 fixed-upstream
thanks
[If someone with more Debian clue could chase down what package
version contains the fix and could update the bug with a "fixed"
version accordingly, I would greatly appreciate it.]
Assigned CVE-2010-0629 for this kadmind issue; it can cause a denial
of service (but requires authentication). The most obvious legitimate
operation that can trigger is problem is using a krb5-1.8 kadmin
client against an vulnerable kadmind. This is also fixed in krb5-1.7
and later.
CVSSv2 metrics:
AV:N/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C
http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2&vector=(AV:N/AC:L/Au:S/C:N/I:N/A:C/E:P/RL:O/RC:C)
Changed Bug title to 'kadmind segfault' from 'kadmin segfault when running remotely'
Request was from Tom Yu <tlyu@MIT.EDU>
to control@bugs.debian.org.
(Thu, 25 Feb 2010 04:03:06 GMT) (full text, mbox, link).
Added tag(s) fixed-upstream.
Request was from Tom Yu <tlyu@MIT.EDU>
to control@bugs.debian.org.
(Thu, 25 Feb 2010 04:03:08 GMT) (full text, mbox, link).
Reply sent
to Tom Yu <tlyu@MIT.EDU>:
You have taken responsibility.
(Tue, 13 Apr 2010 20:15:05 GMT) (full text, mbox, link).
Notification sent
to Sol Jerome <solj@ices.utexas.edu>:
Bug acknowledged by developer.
(Tue, 13 Apr 2010 20:15:05 GMT) (full text, mbox, link).
Source: krb5
Source-Version: 1.7+dfsg-4
Was fixed in upstream krb5-1.7.
Information forwarded
to debian-bugs-dist@lists.debian.org, Sam Hartman <hartmans@debian.org>: Bug#567052; Package krb5-admin-server.
(Wed, 14 Apr 2010 03:42:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Tom Yu <tlyu@MIT.EDU>:
Extra info received and forwarded to list. Copy sent to Sam Hartman <hartmans@debian.org>.
(Wed, 14 Apr 2010 03:42:03 GMT) (full text, mbox, link).
Added tag(s) security.
Request was from Tom Yu <tlyu@MIT.EDU>
to control@bugs.debian.org.
(Wed, 14 Apr 2010 03:42:05 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Sam Hartman <hartmans@debian.org>: Bug#567052; Package krb5-admin-server.
(Wed, 14 Apr 2010 03:45:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Tom Yu <tlyu@MIT.EDU>:
Extra info received and forwarded to list. Copy sent to Sam Hartman <hartmans@debian.org>.
(Wed, 14 Apr 2010 03:45:03 GMT) (full text, mbox, link).
Tom Yu <tlyu@MIT.EDU> writes:
> tags 567052 security
> thanks
>
>
> upstream advisory is pending
>
> CVE-2010-1320
>
> CVSSv2 vector AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C
Please ignore the previous; it was meant for 577490.
Changed Bug title to 'kadmind segfault due to unrecognized kadm5 API version' from 'kadmind segfault'
Request was from Tom Yu <tlyu@MIT.EDU>
to control@bugs.debian.org.
(Wed, 14 Apr 2010 14:06:05 GMT) (full text, mbox, link).
Reply sent
to Giuseppe Iuculano <iuculano@debian.org>:
You have taken responsibility.
(Sat, 17 Apr 2010 13:57:07 GMT) (full text, mbox, link).
Notification sent
to Sol Jerome <solj@ices.utexas.edu>:
Bug acknowledged by developer.
(Sat, 17 Apr 2010 13:57:07 GMT) (full text, mbox, link).
Subject: Bug#567052: fixed in krb5 1.6.dfsg.4~beta1-5lenny3
Date: Sat, 17 Apr 2010 13:54:50 +0000
Source: krb5
Source-Version: 1.6.dfsg.4~beta1-5lenny3
We believe that the bug you reported is fixed in the latest version of
krb5, which is due to be installed in the Debian FTP archive:
krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5-clients_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5-doc_1.6.dfsg.4~beta1-5lenny3_all.deb
to main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5lenny3_all.deb
krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5-kdc_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5-user_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_i386.deb
krb5_1.6.dfsg.4~beta1-5lenny3.diff.gz
to main/k/krb5/krb5_1.6.dfsg.4~beta1-5lenny3.diff.gz
krb5_1.6.dfsg.4~beta1-5lenny3.dsc
to main/k/krb5/krb5_1.6.dfsg.4~beta1-5lenny3.dsc
libkadm55_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_i386.deb
libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_i386.deb
libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_i386.deb
libkrb53_1.6.dfsg.4~beta1-5lenny3_i386.deb
to main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 567052@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Giuseppe Iuculano <iuculano@debian.org> (supplier of updated krb5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 09 Apr 2010 18:48:35 +0200
Source: krb5
Binary: libkadm55 libkrb53 krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-kdc-ldap krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc
Architecture: source all i386
Version: 1.6.dfsg.4~beta1-5lenny3
Distribution: stable-security
Urgency: high
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Giuseppe Iuculano <iuculano@debian.org>
Description:
krb5-admin-server - MIT Kerberos master server (kadmind)
krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos
krb5-doc - Documentation for MIT Kerberos
krb5-ftpd - Secure FTP server supporting MIT Kerberos
krb5-kdc - MIT Kerberos key server (KDC)
krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
krb5-pkinit - PKINIT plugin for MIT Kerberos
krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos
krb5-telnetd - Secure telnet server supporting MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libkadm55 - MIT Kerberos administration runtime libraries
libkrb5-dbg - Debugging files for MIT Kerberos
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb53 - MIT Kerberos runtime libraries
Closes: 567052
Changes:
krb5 (1.6.dfsg.4~beta1-5lenny3) stable-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fixed CVE-2010-0629: unauthenticated remote KDC service crash.
(Closes: #567052)
Checksums-Sha1:
e620ef7a732c9b0f052b05142675a6232743c49a 1537 krb5_1.6.dfsg.4~beta1-5lenny3.dsc
27fc0e346312c064d86f105e66179788cc1bc735 852374 krb5_1.6.dfsg.4~beta1-5lenny3.diff.gz
82b57512c2e218066ad4461109c4388c1088b7b6 2149738 krb5-doc_1.6.dfsg.4~beta1-5lenny3_all.deb
592aa9a3353d86738eeecb9993540e0e3567ad19 154670 libkadm55_1.6.dfsg.4~beta1-5lenny3_i386.deb
34c422deb9512d736d5a6c62b6e921a73a79703a 480858 libkrb53_1.6.dfsg.4~beta1-5lenny3_i386.deb
f970f41f8c0611a634e8b5deb5ce7bb094834a6a 137178 krb5-user_1.6.dfsg.4~beta1-5lenny3_i386.deb
9491a16b8e7e0558be1ab8687d1a71d3cb17476a 208734 krb5-clients_1.6.dfsg.4~beta1-5lenny3_i386.deb
b2eeb5b9f8ba0ca9ad2604b94a7fbef37264898d 88478 krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
7df6864964fc2f364b26a8bdf75ecef631e01127 65176 krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_i386.deb
b8f9856849583b3ce55ccfa71ec201c956ae5e2f 71030 krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_i386.deb
20ac4b062299edf75cf0e48cedbd050ea94f36ed 187364 krb5-kdc_1.6.dfsg.4~beta1-5lenny3_i386.deb
36316f20d3b6bc6283ee391f12f03470d64b3e49 102844 krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_i386.deb
afb9201c3a32a2e64482bb3a49ca83e4f2a630ff 87582 krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
d6a0d97af16712476eebc19ead44cee860e9de80 91732 libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_i386.deb
0267f4d7b83547c5caf6129bba9689b1cd3feb2b 1415130 libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_i386.deb
955465cab87bc9bf2e16a776e47c421948c6ae0a 66278 krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_i386.deb
Checksums-Sha256:
ea94bfb4c7535df59162babf8ac9ceb638269f8916dc2c3b9edcaaf2dc0ca742 1537 krb5_1.6.dfsg.4~beta1-5lenny3.dsc
e557f285a11e5ecb93822863e3ad6cc4a1e76b08d5ddc194dd6c51d0b007579d 852374 krb5_1.6.dfsg.4~beta1-5lenny3.diff.gz
d2a598a76dc612717a2f3f6feeb81fd586229dccd3efdf20892acc2f9ae2c303 2149738 krb5-doc_1.6.dfsg.4~beta1-5lenny3_all.deb
cabe535ff676d128f6668e2dcbff5765afb7921ab3addcd255b077c59e0391dd 154670 libkadm55_1.6.dfsg.4~beta1-5lenny3_i386.deb
cd01a12b5ef8022e89b509447ac084b95bb51e384a899530fb4cfeef5684d452 480858 libkrb53_1.6.dfsg.4~beta1-5lenny3_i386.deb
3dcde19667cdab259e7738d9ee70bc535690a094944173b6cf0c330d562c3a9e 137178 krb5-user_1.6.dfsg.4~beta1-5lenny3_i386.deb
2e77ddd81839addf6464ee0aee73ce33ab92b910be8a64ee9dcf6bc0656059f1 208734 krb5-clients_1.6.dfsg.4~beta1-5lenny3_i386.deb
6c1dc31ad9565d14ae1de5d40b680dcc3d5d4ea17eb62c94a94fde6fa51620a2 88478 krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
1b16fb6fcfeb2e1de71e40d5b27a847b4da99471db1486f64caa86e903b83d66 65176 krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_i386.deb
a329af40f6915273c719356454b1652c14c08d008857dc9285299ed6253950d1 71030 krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_i386.deb
2767243899c4cae56cee34476fb0a021336b0ae40b65538660c1281de7e69506 187364 krb5-kdc_1.6.dfsg.4~beta1-5lenny3_i386.deb
3d5dbd176d1624880eb67736c2f50c9579e7a5f7915cb3e79632e8cff75f56fd 102844 krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_i386.deb
a428ead8b6b005f499346775ab2fa3558dd9fe75001b5ac7de06c6017ca6b0a3 87582 krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
af002507b2c30fdd91c50cb7aa5905263b82012c2e5951e91f9c47b25b39fa8b 91732 libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_i386.deb
d8ae1cb800271e2f45c0b4c18aa0a368c5999e767e948cbc7f7e3186e403bd99 1415130 libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_i386.deb
bb04f2fc548d86e35df8ce9be59416029e508ee0648e8729dcb01193353d90b1 66278 krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_i386.deb
Files:
5e303b1137773a3151e3c32c3e711707 1537 net standard krb5_1.6.dfsg.4~beta1-5lenny3.dsc
02717d2cea45f186eb05cd196d8035ac 852374 net standard krb5_1.6.dfsg.4~beta1-5lenny3.diff.gz
7d91c163fb39f13e4bb9371d6700ec34 2149738 doc optional krb5-doc_1.6.dfsg.4~beta1-5lenny3_all.deb
70cf215735d21713181b471f439aabf1 154670 libs optional libkadm55_1.6.dfsg.4~beta1-5lenny3_i386.deb
7acbaa0d0fc06811724ca64f3379d4af 480858 libs standard libkrb53_1.6.dfsg.4~beta1-5lenny3_i386.deb
f61a2c6724d6142f668dbf332ef27637 137178 net optional krb5-user_1.6.dfsg.4~beta1-5lenny3_i386.deb
beee1b3052af1ae6ca25d7ba5ec671cc 208734 net optional krb5-clients_1.6.dfsg.4~beta1-5lenny3_i386.deb
6dc5e0d314721bde54efe23aade476e3 88478 net optional krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
50f0cf04d61e5d3b93c0604c6f7d18cc 65176 net extra krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_i386.deb
5640c362341277664676eac853bea84c 71030 net extra krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_i386.deb
a376dfdabac322bf2ef3b1fc0d851e4d 187364 net optional krb5-kdc_1.6.dfsg.4~beta1-5lenny3_i386.deb
25ab2d892fdcb5e2863e9813285661b4 102844 net extra krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_i386.deb
a85bad3b6b0422a2e3059c2bbf11b3de 87582 net optional krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_i386.deb
f862ceee9dd3205d80981648314c8efb 91732 libdevel extra libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_i386.deb
6aa2c20c71fdcebc32516f3e961ed033 1415130 libdevel extra libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_i386.deb
78bc3aeb386f3f6b0ef9173a3ed774ab 66278 net extra krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAku/bNcACgkQNxpp46476aqnlgCeI/8J8JaDBtUm5TFICrvYZ5Wu
Ji0AoJEEUftgUJQB3i4eUNo8Sc9TAh+j
=1cGO
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 16 May 2010 07:33:55 GMT) (full text, mbox, link).
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.