---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package. http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Mandriva update for krb5 SECUNIA ADVISORY ID: SA21441 VERIFY ADVISORY: http://secunia.com/advisories/21441/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Mandriva Linux 2006 http://secunia.com/product/9020/ DESCRIPTION: Mandriva has issued an update for krb5. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA21402 SOLUTION: Apply updated packages. Mandrivalinux 2006 9769771585fb7b7fc6cf6feea1d6852d 2006.0/RPMS/ftp-client-krb5-1.4.2-1.1.20060mdk.i586.rpm 132d70eb7cc47ac787ceb4490f87d308 2006.0/RPMS/ftp-server-krb5-1.4.2-1.1.20060mdk.i586.rpm ebcf417d249dc28511c8e6579ad832de 2006.0/RPMS/krb5-server-1.4.2-1.1.20060mdk.i586.rpm 37eb990906dea9b113f8dde526a218ab 2006.0/RPMS/krb5-workstation-1.4.2-1.1.20060mdk.i586.rpm 12bd0420fdfdf55433beaa839d245c7d 2006.0/RPMS/libkrb53-1.4.2-1.1.20060mdk.i586.rpm 73ec87553b0dfdee4170c23fd42f9b33 2006.0/RPMS/libkrb53-devel-1.4.2-1.1.20060mdk.i586.rpm 2e9bca676a7c89a2970105ec73dfd43a 2006.0/RPMS/telnet-client-krb5-1.4.2-1.1.20060mdk.i586.rpm 309990a6c12954d0c742ae3fcc20d3f7 2006.0/RPMS/telnet-server-krb5-1.4.2-1.1.20060mdk.i586.rpm 6b8f5083efd5c04230fb732636e78269 2006.0/SRPMS/krb5-1.4.2-1.1.20060mdk.src.rpm Mandrivalinux 2006/X86_64 7379da32042912507b45257c3ae7527a x86_64/2006.0/RPMS/ftp-client-krb5-1.4.2-1.1.20060mdk.x86_64.rpm 5b9c39f00856cbfe56c984636c9616ec x86_64/2006.0/RPMS/ftp-server-krb5-1.4.2-1.1.20060mdk.x86_64.rpm dcbd8eb16edbaeab7f96bbbd61a63a42 x86_64/2006.0/RPMS/krb5-server-1.4.2-1.1.20060mdk.x86_64.rpm 27f81fe2c23b1aadb77bf36a765f1f3a x86_64/2006.0/RPMS/krb5-workstation-1.4.2-1.1.20060mdk.x86_64.rpm 3ab0d3234686c559c0ca1363503f6632 x86_64/2006.0/RPMS/lib64krb53-1.4.2-1.1.20060mdk.x86_64.rpm b79453018b1fdfd10cd1e67ed77eeecb x86_64/2006.0/RPMS/lib64krb53-devel-1.4.2-1.1.20060mdk.x86_64.rpm 7ec7ec461afca7f7707e010310be4532 x86_64/2006.0/RPMS/telnet-client-krb5-1.4.2-1.1.20060mdk.x86_64.rpm e596730793941a4aedb582abb7bec0cf x86_64/2006.0/RPMS/telnet-server-krb5-1.4.2-1.1.20060mdk.x86_64.rpm 6b8f5083efd5c04230fb732636e78269 x86_64/2006.0/SRPMS/krb5-1.4.2-1.1.20060mdk.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2006:139 OTHER REFERENCES: SA21402: http://secunia.com/advisories/21402/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------