Scientific Linux Security Update : krb5 on SL3.x, SL4.x, SL5.x i386/x86_64

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

A flaw was found in the way the MIT Kerberos Authentication Service
and Key Distribution Center server (krb5kdc) handled Kerberos v4
protocol packets. An unauthenticated remote attacker could use this
flaw to crash the krb5kdc daemon, disclose portions of its memory, or
possibly execute arbitrary code using malformed or truncated Kerberos
v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)

This issue only affected krb5kdc with Kerberos v4 protocol
compatibility enabled, which is the default setting on Scientific
Linux 4. Kerberos v4 protocol support can be disabled by adding
'v4_mode=none' (without the quotes) to the '[kdcdefaults]' section of
/var/kerberos/krb5kdc/kdc.conf.

SL 3x only: A flaw was found in the RPC library used by the MIT
Kerberos kadmind server. An unauthenticated remote attacker could use
this flaw to crash kadmind. This issue only affected systems with
certain resource limits configured and did not affect systems using
default resource limits used by Scientific Linux 3. (CVE-2008-0948)

SL 4x and 5x only: Multiple memory management flaws were discovered in
the GSSAPI library used by MIT Kerberos. These flaws could possibly
result in use of already freed memory or an attempt to free already
freed memory blocks (double-free flaw), possibly causing a crash or
arbitrary code execution. (CVE-2007-5901, CVE-2007-5971)

SL 5x only: Jeff Altman of Secure Endpoints discovered a flaw in the
RPC library as used by MIT Kerberos kadmind server. An unauthenticated
remote attacker could use this flaw to crash kadmind or possibly
execute arbitrary code. This issue only affected systems with certain
resource limits configured and did not affect systems using default
resource limits used by Red Hat Enterprise Linux 5. (CVE-2008-0947)

See also :

http://www.nessus.org/u?f79a562e

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60373 ()

Bugtraq ID:

CVE ID: CVE-2007-5901
CVE-2007-5971
CVE-2008-0062
CVE-2008-0063
CVE-2008-0947
CVE-2008-0948