Kerberos Administration Daemon Remote Buffer Overflow Vulnerability

Published: 2002-10-25
Updated: 2002-10-30

Affected systems:
KTH Heimdal 0.5
KTH Heimdal
MIT Kerberos 4
MIT Kerberos 5
KTH eBones 1.2
NetBSD kadmind
    - NetBSD 1.6
    - NetBSD 1.5.3
    - NetBSD 1.5.2
    - NetBSD 1.5.1
    - NetBSD 1.5
Unaffected systems:
KTH Heimdal 0.5.1
KTH eBones 1.2.1
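Description:
CVE(CAN) ID: CVE-2002-1235

Kerberos is a widely used network protocol that uses strong cryptography to authenticate clients and servers. The Kerberos administration daemon (commonly known as kadmind) handles password changes and other requests to modify the Kerberos database.

The Kerberos 4 administration protocol does not sufficiently check data read from network requests. A remote attacker can exploit this to trigger a buffer overflow and execute arbitrary code on the system with the privileges of the kadmind process (usually root).

When the Kerberos 4 administration protocol reads data from a network request and passes it as an argument to a memcpy() call, it lacks proper buffer bounds checking. An attacker can submit a large amount of data to corrupt a buffer allocated on the stack, and carefully crafted data can overwrite the stack return address to execute arbitrary code on the system with the privileges of the kadmind process (usually root). An attacker needs no authentication credentials to exploit this vulnerability.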
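
The missing check described above, as an added example that is not the MIT or KTH source code: a length field taken from the network must be validated against both the bytes actually received and the destination buffer before it reaches memcpy(). The 2-byte length header, the 256-byte buffer and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REQ_BUF_SIZE 256  /* hypothetical size of the daemon's stack buffer */
#define HDR_SIZE     2    /* hypothetical header: 16-bit big-endian payload length */

enum parse_status {
    PARSE_OK        = 0,
    PARSE_TRUNCATED = -1, /* packet shorter than its header or its declared length */
    PARSE_TOO_LARGE = -2  /* declared length exceeds the destination buffer */
};

/* The length field is sender-controlled: treat it as untrusted input. */
static size_t declared_len(const uint8_t *pkt)
{
    return ((size_t)pkt[0] << 8) | (size_t)pkt[1];
}

/*
 * Vulnerable pattern, shown for comparison only and never called here.
 * The wire length goes straight into memcpy(), so a declared length larger
 * than the destination writes past the end of the caller's stack buffer.
 */
void copy_request_unchecked(const uint8_t *pkt, uint8_t *dst)
{
    size_t n = declared_len(pkt);
    memcpy(dst, pkt + HDR_SIZE, n);
}

/*
 * Hardened form: the declared length is checked against what was received
 * and against the capacity of the destination before any copy happens.
 */
int copy_request_checked(const uint8_t *pkt, size_t pkt_len,
                         uint8_t *dst, size_t dst_cap, size_t *out_len)
{
    if (pkt == NULL || dst == NULL || out_len == NULL || pkt_len < HDR_SIZE)
        return PARSE_TRUNCATED;

    size_t n = declared_len(pkt);
    if (n > pkt_len - HDR_SIZE)   /* header claims more bytes than were sent */
        return PARSE_TRUNCATED;
    if (n > dst_cap)              /* payload would not fit in the buffer */
        return PARSE_TOO_LARGE;

    memcpy(dst, pkt + HDR_SIZE, n);
    *out_len = n;
    return PARSE_OK;
}

/* Request path with a fixed stack buffer, as in the scenario described above.
 * Returns the payload length on success or a negative parse_status. */
int handle_request(const uint8_t *pkt, size_t pkt_len)
{
    uint8_t buf[REQ_BUF_SIZE];
    size_t n = 0;
    int rc = copy_request_checked(pkt, pkt_len, buf, sizeof buf, &n);
    if (rc != PARSE_OK)
        return rc;                /* reject the request instead of copying */
    return (int)n;
}

int main(void)
{
    /* Constructed sample packets, not captured traffic. */
    uint8_t ok[HDR_SIZE + 4] = {0x00, 0x04, 'p', 'i', 'n', 'g'};
    uint8_t big[HDR_SIZE + 300];
    uint8_t lie[4] = {0xFF, 0xFF, 'x', 'y'};

    memset(big, 'A', sizeof big);
    big[0] = 0x01;                /* declared length 0x012C = 300 */
    big[1] = 0x2C;

    printf("well-formed: %d\n", handle_request(ok, sizeof ok));
    printf("oversized:   %d\n", handle_request(big, sizeof big));
    printf("lying hdr:   %d\n", handle_request(lie, sizeof lie));
    return 0;
}
```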

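The Kerberos implementations from both the Massachusetts Institute of Technology (MIT) and Kungl Tekniska Högskolan (KTH) contain this vulnerability, so all other implementations derived from the MIT and KTH code are affected as well. In MIT Kerberos 5, the Kerberos 4 administration daemon is implemented in kadmind4; in KTH Kerberos 4 (eBones), the Kerberos administration daemon is implemented by kadmind. In KTH Kerberos 5 (Heimdal), it is also implemented in kadmind.

According to reports, exploit code is already in circulation. The following link contains attack signature information: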

http://web.mit.edu/kerberos/www/advisories/2002-002-kadm4_attacksig.txt

<*Links: http://www.cert.org/advisories/CA-2002-29.html
        ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NETBSD-SA2002-026.txt.asc
        http://www.debian.org/security/2002/dsa-184
*>

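Recommendations:
Workarounds:

If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the risk:

* If the Kerberos 4 administration protocol is not needed, disable support for it. In MIT Kerberos 5, this is done by disabling kadmind4. To disable all Kerberos 4 support when building MIT Kerberos 5, see: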

http://web.mit.edu/kerberos/www/krb5-1.2/krb5-1.2.6/doc/install.html#SEC24

In KTH Heimdal, kadmind must be recompiled to disable support for the Kerberos 4 administration protocol. To disable all Kerberos 4 support when building KTH Heimdal, see:

http://www.pdc.kth.se/heimdal/heimdal.html#Building%20and%20Installing

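* Use access controls to block untrusted networks from reaching the Kerberos administration services. By default, the Kerberos 4 administration daemon listens on TCP/751 and UDP/751, while the Kerberos 5 administration daemon listens on 749/tcp and 749/udp.

Vendor patches: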

Conectiva
---------
The vendor has released an upgrade patch that fixes this security issue. Download it from the vendor's site:

http://distro.conectiva.com/atualizacoes/

Debian
------
Debian has released a security advisory (DSA-184-1) and corresponding patches for this issue:
DSA-184-1: New krb4 packages fix buffer overflow
Link: http://www.debian.org/security/2002/dsa-184

Patch downloads:

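Patch installation:

1. Install the patch packages manually:

  First, download the patch package with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Install the patch packages automatically with apt-get:

   First, update the internal database with the following command:
   # apt-get update

   Then install the updated packages with the following command:
   # apt-get upgrade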

FreeBSD
-------
The vendor has released an upgrade patch that fixes this security issue. Download it from the vendor's site:

http://www.freebsd.org/security/index.html

IBM
---
The vendor has released an upgrade patch that fixes this security issue. Download it from the vendor's site:

http://www.ers.ibm.com/

NetBSD
------
NetBSD has released a security advisory (NETBSD-SA2002-026) and corresponding patches for this issue:
NETBSD-SA2002-026: Buffer overflow in kadmind daemon
Link: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NETBSD-SA2002-026.txt.asc

Patch downloads:

RedHat
------
The MIT Kerberos shipped with Red Hat Linux 6.2 and later versions is vulnerable. However, it is not enabled in the default configuration.

http://rhn.redhat.com/errata/RHSA-2002-242.html

S.u.S.E.
--------
The Heimdal Kerberos shipped with SuSE Linux 7.2 and later versions has Kerberos 4 support disabled, so SuSE Linux and SuSE Enterprise Linux systems are not affected by this vulnerability.

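This vulnerability advisory was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.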