---------------------------------------------------------------------- Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. http://corporate.secunia.com/trial/38/request/ ---------------------------------------------------------------------- TITLE: SUSE update for krb5 SECUNIA ADVISORY ID: SA24786 VERIFY ADVISORY: http://secunia.com/advisories/24786/ CRITICAL: Moderately critical IMPACT: Security Bypass, DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ openSUSE 10.2 http://secunia.com/product/13375/ DESCRIPTION: SUSE has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS or compromise a vulnerable system and by malicious people to bypass certain security restrictions. For more information: SA24740 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-1.5.1-23.4.i586.rpm 26a0bdf08d2dbd101c709d87a5db699f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-apps-servers-1.5.1-23.4.i586.rpm 0edcac30ee95ec906edda22f365c4e64 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-devel-1.5.1-23.4.i586.rpm c44d965aa89a21dc94dfdd56c1384da9 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-server-1.5.1-23.4.i586.rpm 999c1c656b63e87ea1ac1623b9c50164 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-1.4.3-19.10.3.i586.rpm 7b881bf501106728a342efa05b6a4534 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-apps-servers-1.4.3-19.10.3.i586.rpm 89328e997226eb694a5e0ecd6b7184cb ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-devel-1.4.3-19.10.3.i586.rpm 6d2d02f303a14ade9ea0cf58973b7c8f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-server-1.4.3-19.10.3.i586.rpm 077c19dcbe2cd47f4e33965b26f28081 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-1.4.1-5.5.i586.rpm 9d0faa22f0be37e6554e474c4962745e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-apps-servers-1.4.1-5.5.i586.rpm fc0e696b9b15d45f01064805df0ca834 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-devel-1.4.1-5.5.i586.rpm 12947fc197652934ab409cc389f08fce ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-server-1.4.1-5.5.i586.rpm 83b706f6b5a4a5c858091b986c02fe75 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/krb5-1.4-16.9.i586.rpm 616bfe9bc39ac812cb6b2a942d27e7a2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/krb5-apps-servers-1.4-16.9.i586.rpm 70cadd7c22ff178fab3d6b8bb8f7be88 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/krb5-devel-1.4-16.9.i586.rpm 1ca76aed1daf3094596015f26749f8f8 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/krb5-server-1.4-16.9.i586.rpm f475df44f758bf2910304ed9b4eec231 Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-1.5.1-23.4.ppc.rpm b68d2db6218b681c77a4241a39f7c67a ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-apps-servers-1.5.1-23.4.ppc.rpm 2a9ed5a41caeb641975e6307158063a2 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-devel-1.5.1-23.4.ppc.rpm 5b8d693d1544bd40e8082c6e12ec0acf ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-server-1.5.1-23.4.ppc.rpm 7bbc1437ca516c641fad79c49549f244 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-1.4.3-19.10.3.ppc.rpm 70ad6ad3e77010409663c9137ccdff2b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-apps-servers-1.4.3-19.10.3.ppc.rpm e66dd547a934498e6108d64199e6c353 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-devel-1.4.3-19.10.3.ppc.rpm 08e6e8346ffe096c3309a99ccd0b12b2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-server-1.4.3-19.10.3.ppc.rpm 57529c2d8435dee24104c521b2ad7da7 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/krb5-1.4.1-5.5.ppc.rpm bc5f97b09e202dcb98d6fadb9d041248 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/krb5-apps-servers-1.4.1-5.5.ppc.rpm a6a1ba40f9156dd2819c39fb90ef749d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/krb5-devel-1.4.1-5.5.ppc.rpm 0af5b5bdf4c4c2bdd18ed2f421d53a75 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/krb5-server-1.4.1-5.5.ppc.rpm d9f496d174e43469fac4cfeded0c0a82 x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-1.5.1-23.4.x86_64.rpm e60d6997238b987a5e0ad0d84433e6f1 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-32bit-1.5.1-23.4.x86_64.rpm 28caf0827d9387f68df2cb9cb4783355 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-apps-servers-1.5.1-23.4.x86_64.rpm b8f9eec03f72ffe3a46afb3579bfae67 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-1.5.1-23.4.x86_64.rpm dbe5651582cb39caf00e7ea2052e6d12 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-32bit-1.5.1-23.4.x86_64.rpm 4ac292f8860332bf65bc4005342aa35c ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-server-1.5.1-23.4.x86_64.rpm f79187862cf981cee47a3313a463c129 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-1.4.3-19.10.3.x86_64.rpm 01757ce948cb4a898933156893f14dd6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-32bit-1.4.3-19.10.3.x86_64.rpm a2d72aaa77511f5cad87158c1886dbfc ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-apps-servers-1.4.3-19.10.3.x86_64.rpm 7588028cd5441a560482ad90576e9ab0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-1.4.3-19.10.3.x86_64.rpm 67de19bc407e36eed765b599df742f48 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-32bit-1.4.3-19.10.3.x86_64.rpm ba747d62adbd54dd1b42bf14ead9c889 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-server-1.4.3-19.10.3.x86_64.rpm 42fc6e61b34ddecd751ab51246d3c27d SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-1.4.1-5.5.x86_64.rpm af41e738c412e6841005384f33d58906 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-32bit-1.4.1-5.5.x86_64.rpm d27b0632e5b00dfba8f7aff8c4738a8f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-apps-servers-1.4.1-5.5.x86_64.rpm b2435d5fc3233a51afbd3679386d390e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-devel-1.4.1-5.5.x86_64.rpm 561635be7ef4d7abe779e583199c3e1b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-devel-32bit-1.4.1-5.5.x86_64.rpm ab63ff82da54a8fde67e31e1a48868a3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-server-1.4.1-5.5.x86_64.rpm dfa24c69d9bd6dfa1567bb8561ad3ef6 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/krb5-1.4-16.9.x86_64.rpm 3ea6314d225d3198431743ea0092fdad ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/krb5-32bit-9.3-7.3.x86_64.rpm 40d307359582effc227a03d06ff66f31 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/krb5-apps-servers-1.4-16.9.x86_64.rpm 444d50dd8701a96886b54ff6f4dc26b9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/krb5-devel-1.4-16.9.x86_64.rpm 0c3d27f6df28338fdc6d7f6b4b704792 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/krb5-devel-32bit-9.3-7.2.x86_64.rpm 388495c9ac888d1958494cf8eda940a5 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/krb5-server-1.4-16.9.x86_64.rpm 4d20b1ccd8b14aa275e67c8825fa8dd6 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/krb5-1.5.1-23.4.src.rpm 6913ddbdda37edbecfa45bad5e102a36 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/krb5-1.4.3-19.10.3.src.rpm 1aeef8c2789f8af41ac3bd312b57495f SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/krb5-1.4.1-5.5.src.rpm f964e35737b866039464aa92bad5a3f3 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/krb5-1.4-16.9.src.rpm 0f1675dcc96688e87765dc74aa40bcac SUSE SLED 10 http://support.novell.com/techcenter/psdb/42f0e56eca083c9a097518ef837c4be9.html SUSE SLES 10 http://support.novell.com/techcenter/psdb/42f0e56eca083c9a097518ef837c4be9.html http://support.novell.com/techcenter/psdb/52baa515f293dac164a0c0da920b5531.html ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2007-Apr/0001.html OTHER REFERENCES: SA24740: http://secunia.com/advisories/24740/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------