Australia's Leading Computer Emergency Response Team

ESB-2011.0768 - [Debian] krb5-appl: Root compromise - Remote/unauthenticated
Date: 26 July 2011
Original URL: http://www.auscert.org.au/render.html?cid=1980&it=14634
References: ESB-2011.0700  

Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2011.0768
                         krb5-appl security update
                               26 July 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           krb5-appl
Publisher:         Debian
Operating System:  Debian GNU/Linux 6
Impact/Access:     Root Compromise           -- Remote/Unauthenticated
                   Overwrite Arbitrary Files -- Remote/Unauthenticated
                   Unauthorised Access       -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2011-1526  

Reference:         ESB-2011.0700

Original Bulletin: 
   http://www.debian.org/security/2011/dsa-2283

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2283-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
July 25, 2011                          http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : krb5-appl
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-1526 

Tim Zingelmann discovered that due an incorrect configure script the 
kerborised FTP server failed to set the effective GID correctly, 
resulting in privilege escalation.

The oldstable distribution (lenny) is not affected.

For the stable distribution (squeeze), this problem has been fixed in
version 1.0.1-1.1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your krb5-appl packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk4tWLsACgkQXm3vHE4uylp1cACcCJJlJnFMqxDasPwnvROlPgG4
254AoJub2YSKyIP8qGjF856kNOw6sfFp
=jIVq
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBTi4ufu4yVqjM2NGpAQKfGA//RdZprx14lVJTwrVUvYE/jl+u0O2bG3XS
4idxZ+8VfW9LQeWTEQOwv/2oUkOhRMHEOEOVra5Pz6lbkchd7HTRmGfjw0yaYMr2
fZkv/kp236iWme+0xDaYtQwlPwWn8GhbavP6+XmuHJOs+KVNP8O84HtW8ozuxrt/
yeqsePZYWH8OaGt7k9L/XX0D/O6NoRiUBoh1sZvQ7EtE0vox7VrS3/QBctdyT75X
C0kMLHSTpjDPB6s417b4dMhtu2r5jOB5rJuqSehqGA2MlTXwnHH0FG5e4pOGlcuQ
WIwPVa8kit1afW0lwvD9SHb9f4NhPXd7NxBcobnVSFle4c8UFyXDBhjQ//PdmbWw
VWvBOEbDXKgdGkEJ2HFUzplPFvFe6zmY4GRGcteL1FfT9Nq9itiBYbJLYXQx9Af/
XsWcLGih3hko9dUyZFxyN8GOQgy8NQ6AzfL9ng1qRXphqmCQLkgEmWYP4OvRZdfS
kCxEn2K6wW/mT3VJlQDhG/75p5UnXcLBHxShBm3f22DdV/GT7G2bydHM3x2WIxXh
OgGw3letWE75lHCTvl760jBnXPqR03VH5mHoVjYZ+SH12H4TXeWAAdEaUU24qnqE
tRSxM70/Wb1JkJdv6pXOVfdoFJUhRCaQUhtJq4g0ivyT3XotiyDIr243TeIZ0M6V
4O2d8NhSMBQ=
=s++T
-----END PGP SIGNATURE-----