深刻度:重要:krb5のセキュリティアップデート
セキュリティ・アドバイス
概要:
含まれているKerberos対応のtelnetクライアントにある2つのバッファオーバーフロー脆弱性を修正した、krb5のアップデートパッケージが利用可能になりました。
このアップデートは、レッドハットセキュリティ対策チームによって、深刻度「重要(important)」のセキュリティ問題と評価されています。
Kerberosは、トラステッドサードパーティ(KDC)を利用してクライアントとサーバの相互認証を行うネットワーク認証システムです。
krb5-workstationパッケージには、Kerberos対応のtelnetクライアントが含まれています。 telnetクライアントがサーバからのメッセージを処理する方式に、バッファオーバーフローの欠陥が2つ発見されました。悪意のあるtelnetサーバに接続してしまうと、攻撃者によりマシン上で任意のコードを実行させられる場合があります。「Common Vulnerabilities and Exposures」プロジェクト(cve.mitre.org)により、これらの問題はCAN-2005-0468およびCAN-2005-0469と命名されています。
krb5のユーザは、これらの問題を修正するバックポートパッチを含んだ上記エラータパッケージにアップグレードしてください。
レッドハットは、この問題の責任ある公表についてiDEFENSEに感謝します。
アップデート・パッケージ:
| Red Hat Desktop (v. 3) | |
| SRPMS: | |
| krb5-1.2.7-42.src.rpm | 15e292d791e6cd5a788764374c32769e |
| IA-32: | |
| krb5-devel-1.2.7-42.i386.rpm | 8d2d653de75e0e90d9718043bb9ec2ea |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-workstation-1.2.7-42.i386.rpm | 02d15698839a4dca13a692567fdc3701 |
| x86_64: | |
| krb5-devel-1.2.7-42.x86_64.rpm | c8f33f385c8b59f8088ba3938820f466 |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-libs-1.2.7-42.x86_64.rpm | 2d13ed5aad4c7910373cfd7399780e18 |
| krb5-workstation-1.2.7-42.x86_64.rpm | a00c82982864a159076c9f7548675ad9 |
| Red Hat Desktop (v. 4) | |
| SRPMS: | |
| krb5-1.3.4-12.src.rpm | 8d598c4fa4404470d6e45978aa47ba6b |
| IA-32: | |
| krb5-devel-1.3.4-12.i386.rpm | 68457cc2117214ab9b11405b964275db |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-server-1.3.4-12.i386.rpm | dab0e8a818d3df2b028b3c39ba4daa52 |
| krb5-workstation-1.3.4-12.i386.rpm | a12db77933dc920943d6316f7e470ccc |
| x86_64: | |
| krb5-devel-1.3.4-12.x86_64.rpm | bcf94a851223872e8fcd272a297dc3c2 |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-libs-1.3.4-12.x86_64.rpm | ef7f66e2a911b6c9787ab2e0b87534fc |
| krb5-server-1.3.4-12.x86_64.rpm | ee69869e21701b21cb73092d43e49009 |
| krb5-workstation-1.3.4-12.x86_64.rpm | 2edb7a1bfd9e102ace52fe8e90f84e6c |
| Red Hat Enterprise Linux AS (v. 2.1) | |
| SRPMS: | |
| krb5-1.2.2-34.src.rpm | d76d469166a335ebdbd60c201280114e |
| IA-32: | |
| krb5-devel-1.2.2-34.i386.rpm | 5a864d57b0e04534006b809215e5b2a1 |
| krb5-libs-1.2.2-34.i386.rpm | 2353b8f37263fbe2b3a36659517760fc |
| krb5-server-1.2.2-34.i386.rpm | 605b4b5ffd2a3ee6c05350aaf9d16004 |
| krb5-workstation-1.2.2-34.i386.rpm | d5a304cd4a4f0769630255072ee9c763 |
| IA-64: | |
| krb5-devel-1.2.2-34.ia64.rpm | 8befb0ccf160d23932a924acfb6b3072 |
| krb5-libs-1.2.2-34.ia64.rpm | 95b7c9b2048548fbfe1750c4d72a23b7 |
| krb5-server-1.2.2-34.ia64.rpm | 26f1bdaccc93e24e833a2d5f20bbfa09 |
| krb5-workstation-1.2.2-34.ia64.rpm | d98001ff0bb393830e5269e203f3ca48 |
| Red Hat Enterprise Linux AS (v. 3) | |
| SRPMS: | |
| krb5-1.2.7-42.src.rpm | 15e292d791e6cd5a788764374c32769e |
| IA-32: | |
| krb5-devel-1.2.7-42.i386.rpm | 8d2d653de75e0e90d9718043bb9ec2ea |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-server-1.2.7-42.i386.rpm | 76a8c1d4048606e96b763b1cfd9e2862 |
| krb5-workstation-1.2.7-42.i386.rpm | 02d15698839a4dca13a692567fdc3701 |
| IA-64: | |
| krb5-devel-1.2.7-42.ia64.rpm | d9486bd1ba6bf58fff0c33b8b54e10d1 |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-libs-1.2.7-42.ia64.rpm | b8f7a412868eb4331b2ac371f2935bed |
| krb5-server-1.2.7-42.ia64.rpm | e4f4267d02ac27da8963c4770c2d6ab7 |
| krb5-workstation-1.2.7-42.ia64.rpm | a0eb9ccceccb1d777331ab1098ce24b8 |
| PPC: | |
| krb5-devel-1.2.7-42.ppc.rpm | 2bfc18ea2b64f042e96f6a7aa3ec769b |
| krb5-libs-1.2.7-42.ppc.rpm | 62e0c55d9ee03b661c90689f4c663fa9 |
| krb5-libs-1.2.7-42.ppc64.rpm | 0001f467b217ae55c103a9f8d8bbe0c4 |
| krb5-server-1.2.7-42.ppc.rpm | 4ae29ca81df4a7323f4a04dfe7bf422e |
| krb5-workstation-1.2.7-42.ppc.rpm | c28434eb04aa8ba62ae98f384ae96d66 |
| s390: | |
| krb5-devel-1.2.7-42.s390.rpm | 018b6ff9a07097653d1fb0083a8654eb |
| krb5-libs-1.2.7-42.s390.rpm | 9c2251b0c061abcec03805bf668654fa |
| krb5-server-1.2.7-42.s390.rpm | e35388af17b751685a02b35be76c83eb |
| krb5-workstation-1.2.7-42.s390.rpm | f8336a07b5429d1c48592dbe9e8b638a |
| s390x: | |
| krb5-devel-1.2.7-42.s390x.rpm | fc291f78e9ae09ab0500eb772e364b57 |
| krb5-libs-1.2.7-42.s390.rpm | 9c2251b0c061abcec03805bf668654fa |
| krb5-libs-1.2.7-42.s390x.rpm | ace1cd33911c12d87ee4616eea5f97d6 |
| krb5-server-1.2.7-42.s390x.rpm | b344cc43c163bb08a5b691dcbee69d10 |
| krb5-workstation-1.2.7-42.s390x.rpm | 947cfc0608f6bed2c325d5113188391e |
| x86_64: | |
| krb5-devel-1.2.7-42.x86_64.rpm | c8f33f385c8b59f8088ba3938820f466 |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-libs-1.2.7-42.x86_64.rpm | 2d13ed5aad4c7910373cfd7399780e18 |
| krb5-server-1.2.7-42.x86_64.rpm | 55efe49040a64af9f4368e1e6c02c758 |
| krb5-workstation-1.2.7-42.x86_64.rpm | a00c82982864a159076c9f7548675ad9 |
| Red Hat Enterprise Linux AS (v. 4) | |
| SRPMS: | |
| krb5-1.3.4-12.src.rpm | 8d598c4fa4404470d6e45978aa47ba6b |
| IA-32: | |
| krb5-devel-1.3.4-12.i386.rpm | 68457cc2117214ab9b11405b964275db |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-server-1.3.4-12.i386.rpm | dab0e8a818d3df2b028b3c39ba4daa52 |
| krb5-workstation-1.3.4-12.i386.rpm | a12db77933dc920943d6316f7e470ccc |
| IA-64: | |
| krb5-devel-1.3.4-12.ia64.rpm | 1e9eef4e781b54fe954442a427e4fdbe |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-libs-1.3.4-12.ia64.rpm | 56686098f08e0b62bd1445977f7eba6d |
| krb5-server-1.3.4-12.ia64.rpm | ebce3644ac1704157552d51b6a244565 |
| krb5-workstation-1.3.4-12.ia64.rpm | 67c5b06a01aa25b361926bca1c055c03 |
| PPC: | |
| krb5-devel-1.3.4-12.ppc.rpm | 261644c24300998a25c57d513fe08c6e |
| krb5-libs-1.3.4-12.ppc.rpm | b9663d67bb9b97657d41d870f63b276e |
| krb5-libs-1.3.4-12.ppc64.rpm | 7248e6793d04613a952422f828fe2cb7 |
| krb5-server-1.3.4-12.ppc.rpm | 2ea50dcbeb0124a71c1e3489fec583fa |
| krb5-workstation-1.3.4-12.ppc.rpm | 40e4b837e731816630f653bc98e22530 |
| s390: | |
| krb5-devel-1.3.4-12.s390.rpm | 9f759fb193a998a4f88a21ca77f0b1ab |
| krb5-libs-1.3.4-12.s390.rpm | cd50ea2c90966a8527e06d77b6c47913 |
| krb5-server-1.3.4-12.s390.rpm | 99668163d062fb8f5bfad4654f444313 |
| krb5-workstation-1.3.4-12.s390.rpm | d94e6fabfc7fd33c9208ce7d374c89e8 |
| s390x: | |
| krb5-devel-1.3.4-12.s390x.rpm | 5aa3854179039c6cb73145084123a197 |
| krb5-libs-1.3.4-12.s390.rpm | cd50ea2c90966a8527e06d77b6c47913 |
| krb5-libs-1.3.4-12.s390x.rpm | 968f3babf2058bc88b44c5907f029017 |
| krb5-server-1.3.4-12.s390x.rpm | 7d191831a79c60f99b03c441ca771428 |
| krb5-workstation-1.3.4-12.s390x.rpm | 130b64761b996f24a57ffeb85e637002 |
| x86_64: | |
| krb5-devel-1.3.4-12.x86_64.rpm | bcf94a851223872e8fcd272a297dc3c2 |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-libs-1.3.4-12.x86_64.rpm | ef7f66e2a911b6c9787ab2e0b87534fc |
| krb5-server-1.3.4-12.x86_64.rpm | ee69869e21701b21cb73092d43e49009 |
| krb5-workstation-1.3.4-12.x86_64.rpm | 2edb7a1bfd9e102ace52fe8e90f84e6c |
| Red Hat Enterprise Linux ES (v. 2.1) | |
| SRPMS: | |
| krb5-1.2.2-34.src.rpm | d76d469166a335ebdbd60c201280114e |
| IA-32: | |
| krb5-devel-1.2.2-34.i386.rpm | 5a864d57b0e04534006b809215e5b2a1 |
| krb5-libs-1.2.2-34.i386.rpm | 2353b8f37263fbe2b3a36659517760fc |
| krb5-server-1.2.2-34.i386.rpm | 605b4b5ffd2a3ee6c05350aaf9d16004 |
| krb5-workstation-1.2.2-34.i386.rpm | d5a304cd4a4f0769630255072ee9c763 |
| Red Hat Enterprise Linux ES (v. 3) | |
| SRPMS: | |
| krb5-1.2.7-42.src.rpm | 15e292d791e6cd5a788764374c32769e |
| IA-32: | |
| krb5-devel-1.2.7-42.i386.rpm | 8d2d653de75e0e90d9718043bb9ec2ea |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-server-1.2.7-42.i386.rpm | 76a8c1d4048606e96b763b1cfd9e2862 |
| krb5-workstation-1.2.7-42.i386.rpm | 02d15698839a4dca13a692567fdc3701 |
| IA-64: | |
| krb5-devel-1.2.7-42.ia64.rpm | d9486bd1ba6bf58fff0c33b8b54e10d1 |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-libs-1.2.7-42.ia64.rpm | b8f7a412868eb4331b2ac371f2935bed |
| krb5-server-1.2.7-42.ia64.rpm | e4f4267d02ac27da8963c4770c2d6ab7 |
| krb5-workstation-1.2.7-42.ia64.rpm | a0eb9ccceccb1d777331ab1098ce24b8 |
| x86_64: | |
| krb5-devel-1.2.7-42.x86_64.rpm | c8f33f385c8b59f8088ba3938820f466 |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-libs-1.2.7-42.x86_64.rpm | 2d13ed5aad4c7910373cfd7399780e18 |
| krb5-server-1.2.7-42.x86_64.rpm | 55efe49040a64af9f4368e1e6c02c758 |
| krb5-workstation-1.2.7-42.x86_64.rpm | a00c82982864a159076c9f7548675ad9 |
| Red Hat Enterprise Linux ES (v. 4) | |
| SRPMS: | |
| krb5-1.3.4-12.src.rpm | 8d598c4fa4404470d6e45978aa47ba6b |
| IA-32: | |
| krb5-devel-1.3.4-12.i386.rpm | 68457cc2117214ab9b11405b964275db |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-server-1.3.4-12.i386.rpm | dab0e8a818d3df2b028b3c39ba4daa52 |
| krb5-workstation-1.3.4-12.i386.rpm | a12db77933dc920943d6316f7e470ccc |
| IA-64: | |
| krb5-devel-1.3.4-12.ia64.rpm | 1e9eef4e781b54fe954442a427e4fdbe |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-libs-1.3.4-12.ia64.rpm | 56686098f08e0b62bd1445977f7eba6d |
| krb5-server-1.3.4-12.ia64.rpm | ebce3644ac1704157552d51b6a244565 |
| krb5-workstation-1.3.4-12.ia64.rpm | 67c5b06a01aa25b361926bca1c055c03 |
| x86_64: | |
| krb5-devel-1.3.4-12.x86_64.rpm | bcf94a851223872e8fcd272a297dc3c2 |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-libs-1.3.4-12.x86_64.rpm | ef7f66e2a911b6c9787ab2e0b87534fc |
| krb5-server-1.3.4-12.x86_64.rpm | ee69869e21701b21cb73092d43e49009 |
| krb5-workstation-1.3.4-12.x86_64.rpm | 2edb7a1bfd9e102ace52fe8e90f84e6c |
| Red Hat Enterprise Linux WS (v. 2.1) | |
| SRPMS: | |
| krb5-1.2.2-34.src.rpm | d76d469166a335ebdbd60c201280114e |
| IA-32: | |
| krb5-devel-1.2.2-34.i386.rpm | 5a864d57b0e04534006b809215e5b2a1 |
| krb5-libs-1.2.2-34.i386.rpm | 2353b8f37263fbe2b3a36659517760fc |
| krb5-server-1.2.2-34.i386.rpm | 605b4b5ffd2a3ee6c05350aaf9d16004 |
| krb5-workstation-1.2.2-34.i386.rpm | d5a304cd4a4f0769630255072ee9c763 |
| Red Hat Enterprise Linux WS (v. 3) | |
| SRPMS: | |
| krb5-1.2.7-42.src.rpm | 15e292d791e6cd5a788764374c32769e |
| IA-32: | |
| krb5-devel-1.2.7-42.i386.rpm | 8d2d653de75e0e90d9718043bb9ec2ea |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-workstation-1.2.7-42.i386.rpm | 02d15698839a4dca13a692567fdc3701 |
| IA-64: | |
| krb5-devel-1.2.7-42.ia64.rpm | d9486bd1ba6bf58fff0c33b8b54e10d1 |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-libs-1.2.7-42.ia64.rpm | b8f7a412868eb4331b2ac371f2935bed |
| krb5-workstation-1.2.7-42.ia64.rpm | a0eb9ccceccb1d777331ab1098ce24b8 |
| x86_64: | |
| krb5-devel-1.2.7-42.x86_64.rpm | c8f33f385c8b59f8088ba3938820f466 |
| krb5-libs-1.2.7-42.i386.rpm | 3f7f0d23cc9447241d17bf92aac52376 |
| krb5-libs-1.2.7-42.x86_64.rpm | 2d13ed5aad4c7910373cfd7399780e18 |
| krb5-workstation-1.2.7-42.x86_64.rpm | a00c82982864a159076c9f7548675ad9 |
| Red Hat Enterprise Linux WS (v. 4) | |
| SRPMS: | |
| krb5-1.3.4-12.src.rpm | 8d598c4fa4404470d6e45978aa47ba6b |
| IA-32: | |
| krb5-devel-1.3.4-12.i386.rpm | 68457cc2117214ab9b11405b964275db |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-server-1.3.4-12.i386.rpm | dab0e8a818d3df2b028b3c39ba4daa52 |
| krb5-workstation-1.3.4-12.i386.rpm | a12db77933dc920943d6316f7e470ccc |
| IA-64: | |
| krb5-devel-1.3.4-12.ia64.rpm | 1e9eef4e781b54fe954442a427e4fdbe |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-libs-1.3.4-12.ia64.rpm | 56686098f08e0b62bd1445977f7eba6d |
| krb5-server-1.3.4-12.ia64.rpm | ebce3644ac1704157552d51b6a244565 |
| krb5-workstation-1.3.4-12.ia64.rpm | 67c5b06a01aa25b361926bca1c055c03 |
| x86_64: | |
| krb5-devel-1.3.4-12.x86_64.rpm | bcf94a851223872e8fcd272a297dc3c2 |
| krb5-libs-1.3.4-12.i386.rpm | 5ee63ae61d91fab567dedb7880fa648e |
| krb5-libs-1.3.4-12.x86_64.rpm | ef7f66e2a911b6c9787ab2e0b87534fc |
| krb5-server-1.3.4-12.x86_64.rpm | ee69869e21701b21cb73092d43e49009 |
| krb5-workstation-1.3.4-12.x86_64.rpm | 2edb7a1bfd9e102ace52fe8e90f84e6c |
| Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor | |
| SRPMS: | |
| krb5-1.2.2-34.src.rpm | d76d469166a335ebdbd60c201280114e |
| IA-64: | |
| krb5-devel-1.2.2-34.ia64.rpm | 8befb0ccf160d23932a924acfb6b3072 |
| krb5-libs-1.2.2-34.ia64.rpm | 95b7c9b2048548fbfe1750c4d72a23b7 |
| krb5-server-1.2.2-34.ia64.rpm | 26f1bdaccc93e24e833a2d5f20bbfa09 |
| krb5-workstation-1.2.2-34.ia64.rpm | d98001ff0bb393830e5269e203f3ca48 |
| (The unlinked packages above are only available from the Red Hat Network) | |
解決法:
このアップデートを適用する前に、システムに関連するリリース済の errata が適用済であることをご確認ください。それぞれのアーキテクチャで全てのRPMをアップデートするには、以下のコマンドを実行してください: rpm -Fvh [filename] [filename] は、アップデートしたいRPMのファイル名です。現在インストールされているパッケージのみ、アップグレードされます。現在いるディレクトリにインストールしたいRPM *しか* 無い場合には、 ワイルドカード (*.rpm) も使うことができます。
このアップデートは、Red Hat Network 経由でも行なえます。アップデートを適用する非常に簡便な方法です。Red hat Network をご利用になるには、以下のコマンドで、アップデートエージェントを起動してください。 up2date このコマンドで、システムに適切なRPMをアップグレードする対話形式のプロセスを起動します。
バグジラ: (詳細は、こちらbugzilla[英語]を御覧ください。)
151267 - CAN-2005-0469 Multiple Telnet Client issues (CAN-2005-0468)
参照:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469
http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
キーワード:
telnet
ここに在るパッケージはセキュリティの為、 Red Hat, Inc. によって、 GPG 認証されています。キーは以下から利用可能になっています:
http://www.redhat.com/about/contact.html
各パッケージを確認するには次のコマンドをご利用ください: rpm --checksig filename
各パッケージが壊れていないか、もしくは改ざんされていないかを確認するには、以下のコマンドで MD5 チェックサムをお調べください: rpm --checksig --nogpg filename
注意: GnuPG キーをチェックするためには、RPM 3.0 以上が必要です。
Copyright © 2008 Red Hat, Inc. All rights reserved.
プライバシー ステートメント :
リーガル ステートメント/利用条件 :
特許に関する見解と約束 :
各種お問い合わせ