Bug 125001

Summary: CAN-2004-0523 MIT Kerberos 5: buffer overflows in krb5_aname_to_localname
Product: Red Hat Enterprise Linux 3 Reporter: Nalin Dahyabhai <nalin>
Component: krb5Assignee: Nalin Dahyabhai <nalin>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: mjc
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-06-09 12:54:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nalin Dahyabhai 2004-06-01 21:27:54 UTC 
Description of problem:

The krb5_aname_to_localname() library function contains multiple
buffer overflows which could be exploited to gain unauthorized root
access.

Only configurations which include auth_to_local_names or auth_to_local
directives (neither of which are included in default configurations)
are vulnerable.
Comment 1 Seth Vidal 2004-06-04 19:38:20 UTC 
the errata that were just issued for this for fc1 and fc2, did they
apply the first patch or the second from the mit announcement.

they issued a correction to the patch and I wanted to make sure the
bug was not present.

see 
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt

about it
Comment 2 Seth Vidal 2004-06-04 19:42:18 UTC 
*** Bug 125019 has been marked as a duplicate of this bug. ***
Comment 3 Mark J. Cox 2004-06-04 20:32:49 UTC 
(bug #125019 was not a duplicate)
Comment 4 Nalin Dahyabhai 2004-06-07 20:43:28 UTC 
Seth: the updated patch (revision 2004-06-02) was included in both
updates for Fedora.
Comment 5 Mark J. Cox 2004-06-09 12:54:34 UTC 
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-236.html