MIT Kerberos 5 Telnet Daemon Authentication Bypass Vulnerability
BID:23281
Info
MIT Kerberos 5 Telnet Daemon Authentication Bypass Vulnerability
| Bugtraq ID: | 23281 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-0956 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 03 2007 12:00AM |
| Updated: | Mar 19 2015 09:38AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Server 10.0.0 x64 Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux 10 F... TurboLinux Personal TurboLinux Multimedia Turbolinux Home Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Appliance Server Hosting Edition 1.0 Turbolinux Appliance Server 1.0 Workgroup Edition Turbolinux Appliance Server 1.0 Hosting Edition Turbolinux Appliance Server 2.0 Trustix Secure Linux 3.0.5 Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Trustix Operating System Enterprise Server 2.0 SuSE SUSE Linux Enterprise Server 10 SuSE SUSE Linux Enterprise Desktop 10 Sun SEAM 1.0.2 Sun SEAM 1.0.1 Sun SEAM 1.0 SGI ProPack 3.0 SP6 S.u.S.E. openSUSE 10.2 S.u.S.E. Linux 9.3 x86-64 S.u.S.E. Linux 9.3 x86 S.u.S.E. Linux 10.1 x86-64 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc S.u.S.E. Linux 10.0 x86-64 S.u.S.E. Linux 10.0 x86 S.u.S.E. Linux 10.0 ppc rPath rPath Linux 1 Pardus Linux 2007.1 MIT Kerberos 5 5.0 -1.4.1 MIT Kerberos 5 5.0 -1.4 MIT Kerberos 5 5.0 -1.3.6 MIT Kerberos 5 5.0 -1.3.5 MIT Kerberos 5 5.0 -1.3.4 MIT Kerberos 5 5.0 -1.3.3 MIT Kerberos 5 5.0 -1.2beta2 MIT Kerberos 5 5.0 -1.2beta1 MIT Kerberos 5 5.0 -1.1.1 MIT Kerberos 5 5.0 -1.1 MIT Kerberos 5 5.0 -1.0.x MIT Kerberos 5 1.6 MIT Kerberos 5 1.5.1 MIT Kerberos 5 1.5 MIT Kerberos 5 1.4.3 MIT Kerberos 5 1.4.2 MIT Kerberos 5 1.4.1 MIT Kerberos 5 1.4 MIT Kerberos 5 1.3.6 MIT Kerberos 5 1.3.5 MIT Kerberos 5 1.3.4 MIT Kerberos 5 1.3.3 MIT Kerberos 5 1.3.2 MIT Kerberos 5 1.3.1 MIT Kerberos 5 1.3 -alpha1 MIT Kerberos 5 1.3 MIT Kerberos 5 1.2.8 MIT Kerberos 5 1.2.7 MIT Kerberos 5 1.2.6 MIT Kerberos 5 1.2.5 MIT Kerberos 5 1.2.4 MIT Kerberos 5 1.2.3 MIT Kerberos 5 1.2.2 -beta1 MIT Kerberos 5 1.2.2 MIT Kerberos 5 1.2.1 MIT Kerberos 5 1.2 MIT Kerberos 5 1.1.1 MIT Kerberos 5 1.1 MIT Kerberos 5 1.0.8 MIT Kerberos 5 1.0.6 MIT Kerberos 5 1.0 Mandriva Linux Mandrake 2007.1 x86_64 Mandriva Linux Mandrake 2007.1 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 |
| Not Vulnerable: |
MIT Kerberos 5 1.6.1 |
Discussion
MIT Kerberos 5 Telnet Daemon Authentication Bypass Vulnerability
MIT Kerberos 5 is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain superuser or SYSTEM-level privileges on the affected computer. Successfully exploiting this issue will result in the complete compromise of affected computers.
This issue occurs in Kerberos 5 versions 1.6 and prior.
MIT Kerberos 5 is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain superuser or SYSTEM-level privileges on the affected computer. Successfully exploiting this issue will result in the complete compromise of affected computers.
This issue occurs in Kerberos 5 versions 1.6 and prior.
Exploit / POC
MIT Kerberos 5 Telnet Daemon Authentication Bypass Vulnerability
Attackers may exploit this issue with a telnet client.
Attackers may exploit this issue with a telnet client.
Solution / Fix
MIT Kerberos 5 Telnet Daemon Authentication Bypass Vulnerability
Solution:
The vendor released a patch to address this issue. Please see the references for more information.
Turbolinux Turbolinux Server 10.0.0 x64
Turbolinux Appliance Server 2.0
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
MIT Kerberos 5 1.1
MIT Kerberos 5 1.1.1
MIT Kerberos 5 1.2.2 -beta1
MIT Kerberos 5 1.2.4
MIT Kerberos 5 1.2.5
MIT Kerberos 5 1.2.6
MIT Kerberos 5 1.2.7
MIT Kerberos 5 1.2.8
MIT Kerberos 5 1.3 -alpha1
MIT Kerberos 5 1.3
MIT Kerberos 5 1.3.1
MIT Kerberos 5 1.3.2
MIT Kerberos 5 1.3.3
MIT Kerberos 5 1.3.4
MIT Kerberos 5 1.3.5
MIT Kerberos 5 1.3.6
MIT Kerberos 5 1.4.1
MIT Kerberos 5 1.5
MIT Kerberos 5 1.5.1
MIT Kerberos 5 1.6
Turbolinux Turbolinux Server 10.0
Trustix Secure Linux 2.2
SGI ProPack 3.0 SP6
Trustix Secure Linux 3.0.5
MIT Kerberos 5 5.0 -1.2beta1
MIT Kerberos 5 5.0 -1.1
MIT Kerberos 5 5.0 -1.3.4
MIT Kerberos 5 5.0 -1.1.1
MIT Kerberos 5 5.0 -1.4
MIT Kerberos 5 5.0 -1.3.6
MIT Kerberos 5 5.0 -1.4.1
MIT Kerberos 5 5.0 -1.3.5
Solution:
The vendor released a patch to address this issue. Please see the references for more information.
Turbolinux Turbolinux Server 10.0.0 x64
-
Turbolinux biff-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/biff-0.17-30.x86_64.rpm -
Turbolinux bootparamd-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/bootparamd-0.17-30.x86_64.rpm -
Turbolinux finger-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux finger-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/finger-0.17-30.x86_64.rpm -
Turbolinux finger-server-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/finger-server-0.17-30.x86_64.rpm -
Turbolinux ftp-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/ftp-0.17-30.x86_64.rpm -
Turbolinux krb5-devel-1.3.4-22.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-devel-1.3.4-22.x86_64.rpm -
Turbolinux krb5-libs-1.3.4-22.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-libs-1.3.4-22.x86_64.rpm -
Turbolinux krb5-server-1.3.4-22.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-server-1.3.4-22.x86_64.rpm -
Turbolinux krb5-workstation-1.3.4-22.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-workstation-1.3.4-22.x86_64.rpm -
Turbolinux ntalk-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/ntalk-0.17-30.x86_64.rpm -
Turbolinux routed-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/routed-0.17-30.x86_64.rpm -
Turbolinux rsh-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/rsh-0.17-30.x86_64.rpm -
Turbolinux rusers-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/rusers-0.17-30.x86_64.rpm -
Turbolinux rwall-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/rwall-0.17-30.x86_64.rpm -
Turbolinux rwho-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/rwho-0.17-30.x86_64.rpm -
Turbolinux telnet-client-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/telnet-client-0.17-30.x86_64.rpm -
Turbolinux telnet-server-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/telnet-server-0.17-30.x86_64.rpm -
Turbolinux timed-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/timed-0.17-30.x86_64.rpm -
Turbolinux writed-0.17-30.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/writed-0.17-30.x86_64.rpm
Turbolinux Appliance Server 2.0
-
Turbolinux finger-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux ftp-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux krb5-devel-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux krb5-devel-1.3.4-22.x86_64.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-devel-1.3.4-22.x86_64.rpm -
Turbolinux krb5-libs-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux krb5-server-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux krb5-workstation-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux routed-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux rsh-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux rusers-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux rwall-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux rwho-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux telnet-client-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux telnet-server-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux timed-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/ -
Turbolinux writed-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/
Turbolinux Appliance Server Workgroup Edition 1.0
-
Turbolinux finger-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux ftp-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux rsh-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux telnet-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/
Turbolinux Appliance Server Hosting Edition 1.0
-
Turbolinux finger-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux ftp-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux rsh-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux telnet-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/
MIT Kerberos 5 1.1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.1.1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.2.2 -beta1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.2.4
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.2.5
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.2.6
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.2.7
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.2.8
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.3 -alpha1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.3
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.3.1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.3.2
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.3.3
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.3.4
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.3.5
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.3.6
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt -
Ubuntu krb5-admin-server_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-4ubuntu0.2_amd64.deb -
Ubuntu krb5-admin-server_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-4ubuntu0.2_i386.deb -
Ubuntu krb5-admin-server_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-4ubuntu0.2_powerpc.deb -
Ubuntu krb5-admin-server_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-4ubuntu0.2_sparc.deb -
Ubuntu krb5-clients_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-4ubuntu0.2_amd64.deb -
Ubuntu krb5-clients_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-4ubuntu0.2_i386.deb -
Ubuntu krb5-clients_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-4ubuntu0.2_powerpc.deb -
Ubuntu krb5-clients_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-4ubuntu0.2_sparc.deb -
Ubuntu krb5-doc_1.3.6-4ubuntu0.2_all.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.3.6-4ubu ntu0.2_all.deb -
Ubuntu krb5-ftpd_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -4ubuntu0.2_amd64.deb -
Ubuntu krb5-ftpd_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -4ubuntu0.2_i386.deb -
Ubuntu krb5-ftpd_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -4ubuntu0.2_powerpc.deb -
Ubuntu krb5-ftpd_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -4ubuntu0.2_sparc.deb -
Ubuntu krb5-kdc_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 4ubuntu0.2_amd64.deb -
Ubuntu krb5-kdc_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 4ubuntu0.2_i386.deb -
Ubuntu krb5-kdc_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 4ubuntu0.2_powerpc.deb -
Ubuntu krb5-kdc_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 4ubuntu0.2_sparc.deb -
Ubuntu krb5-rsh-server_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-4ubuntu0.2_amd64.deb -
Ubuntu krb5-rsh-server_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-4ubuntu0.2_i386.deb -
Ubuntu krb5-rsh-server_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-4ubuntu0.2_powerpc.deb -
Ubuntu krb5-rsh-server_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-4ubuntu0.2_sparc.deb -
Ubuntu krb5-telnetd_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-4ubuntu0.2_amd64.deb -
Ubuntu krb5-telnetd_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-4ubuntu0.2_i386.deb -
Ubuntu krb5-telnetd_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-4ubuntu0.2_powerpc.deb -
Ubuntu krb5-telnetd_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-4ubuntu0.2_sparc.deb -
Ubuntu krb5-user_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -4ubuntu0.2_amd64.deb -
Ubuntu krb5-user_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -4ubuntu0.2_i386.deb -
Ubuntu krb5-user_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -4ubuntu0.2_powerpc.deb -
Ubuntu krb5-user_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -4ubuntu0.2_sparc.deb -
Ubuntu libkadm55_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-4ub untu0.2_amd64.deb -
Ubuntu libkadm55_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-4ub untu0.2_i386.deb -
Ubuntu libkadm55_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-4ub untu0.2_powerpc.deb -
Ubuntu libkadm55_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-4ub untu0.2_sparc.deb -
Ubuntu libkrb5-dev_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-4 ubuntu0.2_amd64.deb -
Ubuntu libkrb5-dev_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-4 ubuntu0.2_i386.deb -
Ubuntu libkrb5-dev_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-4 ubuntu0.2_powerpc.deb -
Ubuntu libkrb5-dev_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-4 ubuntu0.2_sparc.deb -
Ubuntu libkrb53_1.3.6-4ubuntu0.2_amd64.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-4ubu ntu0.2_amd64.deb -
Ubuntu libkrb53_1.3.6-4ubuntu0.2_i386.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-4ubu ntu0.2_i386.deb -
Ubuntu libkrb53_1.3.6-4ubuntu0.2_powerpc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-4ubu ntu0.2_powerpc.deb -
Ubuntu libkrb53_1.3.6-4ubuntu0.2_sparc.deb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-4ubu ntu0.2_sparc.deb
MIT Kerberos 5 1.4.1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt -
SuSE krb5-1.4-16.9.x86_64.rpm
SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/krb5-1.4-16.9.x 86_64.rpm -
SuSE krb5-1.4.1-5.5.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-1.4.1-5.5.i 586.rpm -
SuSE krb5-1.4.1-5.5.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-1.4.1-5.5 .x86_64.rpm -
SuSE krb5-1.4.3-19.10.3.i586.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-1.4.3-19.10.3.i5 86.rpm -
SuSE krb5-32bit-1.4.1-5.5.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-32bit-1.4 .1-5.5.x86_64.rpm -
SuSE krb5-apps-servers-1.4.1-5.5.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-apps-server s-1.4.1-5.5.i586.rpm -
SuSE krb5-apps-servers-1.4.1-5.5.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-apps-serv ers-1.4.1-5.5.x86_64.rpm -
SuSE krb5-apps-servers-1.4.3-19.10.3.i586.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-apps-servers-1.4 .3-19.10.3.i586.rpm -
SuSE krb5-devel-1.4.1-5.5.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-devel-1.4.1 -5.5.i586.rpm -
SuSE krb5-devel-1.4.1-5.5.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-devel-1.4 .1-5.5.x86_64.rpm -
SuSE krb5-devel-1.4.3-19.10.3.i586.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-devel-1.4.3-19.1 0.3.i586.rpm -
SuSE krb5-devel-32bit-1.4.1-5.5.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-devel-32b it-1.4.1-5.5.x86_64.rpm -
SuSE krb5-server-1.4.1-5.5.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/krb5-server-1.4. 1-5.5.i586.rpm -
SuSE krb5-server-1.4.1-5.5.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/krb5-server-1. 4.1-5.5.x86_64.rpm -
SuSE krb5-server-1.4.3-19.10.3.i586.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-server-1.4.3-19. 10.3.i586.rpm
MIT Kerberos 5 1.5
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 1.5.1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt -
SuSE krb5-1.4.3-19.10.3.x86_64.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-1.4.3-19.10.3. x86_64.rpm -
SuSE krb5-1.5.1-23.4.i586.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-1.5.1-23.4.i586. rpm -
SuSE krb5-1.5.1-23.4.x86_64.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-1.5.1-23.4.x86 _64.rpm -
SuSE krb5-32bit-1.5.1-23.4.x86_64.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-32bit-1.5.1-23 .4.x86_64.rpm -
SuSE krb5-apps-servers-1.5.1-23.4.i586.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-apps-servers-1.5 .1-23.4.i586.rpm -
SuSE krb5-apps-servers-1.5.1-23.4.x86_64.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-apps-servers-1 .5.1-23.4.x86_64.rpm -
SuSE krb5-devel-1.5.1-23.4.i586.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-devel-1.5.1-23.4 .i586.rpm -
SuSE krb5-devel-1.5.1-23.4.x86_64.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-1.5.1-23 .4.x86_64.rpm -
SuSE krb5-devel-32bit-1.5.1-23.4.x86_64.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-32bit-1. 5.1-23.4.x86_64.rpm -
SuSE krb5-server-1.5.1-23.4.i586.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-server-1.5.1-23. 4.i586.rpm -
SuSE krb5-server-1.5.1-23.4.x86_64.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-server-1.5.1-2 3.4.x86_64.rpm
MIT Kerberos 5 1.6
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
Turbolinux Turbolinux Server 10.0
-
Turbolinux finger-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux ftp-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux krb5-debug-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-workstation-1.3.4-22.x86_64.rpm -
Turbolinux krb5-devel-1.2.5-21.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/krb5-devel-1.2.5-21.i586.rpm -
Turbolinux krb5-devel-1.2.5-21.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/krb5-devel-1.2.5-21.i586.rpm -
Turbolinux krb5-devel-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-workstation-1.3.4-22.x86_64.rpm -
Turbolinux krb5-libs-1.2.5-21.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/krb5-libs-1.2.5-21.i586.rpm -
Turbolinux krb5-libs-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-workstation-1.3.4-22.x86_64.rpm -
Turbolinux krb5-server-1.2.5-21.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/krb5-server-1.2.5-21.i586.rpm -
Turbolinux krb5-server-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-workstation-1.3.4-22.x86_64.rpm -
Turbolinux krb5-workstation-1.2.5-21.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/krb5-workstation-1.2.5-21.i586.rpm -
Turbolinux krb5-workstation-1.3.4-22.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/upd ates/RPMS/krb5-workstation-1.3.4-22.x86_64.rpm -
Turbolinux routed-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux rsh-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux rusers-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux rwall-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux rwho-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux telnet-client-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux telnet-server-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux timed-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ -
Turbolinux writed-0.17-30.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/
Trustix Secure Linux 2.2
-
Trustix file-4.12-2tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix file-devel-4.12-2tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix imagemagick-6.3.3.5-1tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix imagemagick-devel-6.3.3.5-1tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix kerberos5-1.3.6-7tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix kerberos5-devel-1.3.6-7tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix kerberos5-libs-1.3.6-7tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix perl-image-magick-6.3.3.5-1tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates
SGI ProPack 3.0 SP6
-
SGI Patch 10389
http://support.sgi.com/
Trustix Secure Linux 3.0.5
-
Trustix file-4.13-4tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix file-4.17-3tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix file-devel-4.13-4tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix file-devel-4.17-3tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix imagemagick-6.3.3.5-1tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix imagemagick-devel-6.3.3.5-1tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix kerberos5-1.4.3-4tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix kerberos5-devel-1.4.3-4tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix kerberos5-libs-1.4.3-4tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix perl-image-magick-6.3.3.5-1tr.i586.rpm
Trustix Secure Linux 3.0.5
ftp://ftp.trustix.org/pub/trustix/updates
MIT Kerberos 5 5.0 -1.2beta1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 5.0 -1.1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 5.0 -1.3.4
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 5.0 -1.1.1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 5.0 -1.4
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 5.0 -1.3.6
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 5.0 -1.4.1
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
MIT Kerberos 5 5.0 -1.3.5
-
MIT 2007-001-patch.txt
http://web.mit.edu/kerberos/advisories/2007-001-patch.txt
References
MIT Kerberos 5 Telnet Daemon Authentication Bypass Vulnerability
References:
References:
- Kerberos Homepage (MIT)
- krb5 security update (RedHat)
- MIT krb5 Security Advisory 2007-001 (MIT )
- MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956] ([email protected])
- Sun Alert ID: 102867 - Security Vulnerability in the SEAM Kerberized telnetd(1M) (Sun)
- VU#220816: MIT Kerberos 5 telnet daemon allows login as arbitrary user (CERT)