Bugtraq mailing list archives
Re: BUFFER OVERRUN VULNERABILITIES IN KERBEROS
From: kris () FREEBSD ORG (Kris Kennaway)
Date: Thu, 18 May 2000 12:05:02 -0700
On Tue, 16 May 2000, Jeffrey I. Schiller wrote:
SUMMARY: Serious buffer overrun vulnerabilities exist in many implementations of Kerberos 4, including implementations included for backwards compatibility in Kerberos 5 implementations. Other less serious buffer overrun vulnerabilities have also been discovered. ALL KNOWN KERBEROS 4 IMPLEMENTATIONS derived from MIT sources are believed to be vulnerable.
For some reason CERT only gave the FreeBSD Security Officer team less than 5 hours last night (from 5:30PM EST when we were sent the draft to 10:30PM EST when their advisory was released) to respond with vendor status, so let me repeat it here for curious Bugtraq readers wondering why we were absent from the advisory:

FreeBSD is not vulnerable by default: Kerberos is not installed by default, and the base system uses KTH Kerberos, not MIT Kerberos, which is not believed to be vulnerable. We do include a port of MIT Kerberos 5 in the FreeBSD Ports Collection which was vulnerable, but has been patched to address the known problems (from patches posted here and in the initial advisory). All users who have chosen to install the /usr/ports/security/krb5 port should immediately update their ports collection and reinstall the port.

Kris
FreeBSD Ports Security Officer

----
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe () alum mit edu>