Ubuntu

USN-2498-1: Kerberos vulnerabilities

February 11, 2015 007admin

Ubuntu Security Notice USN-2498-1

10th February, 2015

krb5 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.10
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS
Ubuntu 10.04 LTS

Summary

Several security issues were fixed in Kerberos.

Software description

krb5
– MIT Kerberos Network Authentication Protocol

Details

It was discovered that Kerberos incorrectly sent old keys in response to a
-randkey -keepold request. An authenticated remote attacker could use this
issue to forge tickets by leveraging administrative access. This issue
only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-5351)

It was discovered that the libgssapi_krb5 library incorrectly processed
security context handles. A remote attacker could use this issue to cause
a denial of service, or possibly execute arbitrary code. (CVE-2014-5352)

Patrik Kis discovered that Kerberos incorrectly handled LDAP queries with
no results. An authenticated remote attacker could use this issue to cause
the KDC to crash, resulting in a denial of service. (CVE-2014-5353)

It was discovered that Kerberos incorrectly handled creating database
entries for a keyless principal when using LDAP. An authenticated remote
attacker could use this issue to cause the KDC to crash, resulting in a
denial of service. (CVE-2014-5354)

It was discovered that Kerberos incorrectly handled memory when processing
XDR data. A remote attacker could use this issue to cause kadmind to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2014-9421)

It was discovered that Kerberos incorrectly handled two-component server
principals. A remote attacker could use this issue to perform impersonation
attacks. (CVE-2014-9422)

It was discovered that the libgssrpc library leaked uninitialized bytes. A
remote attacker could use this issue to possibly obtain sensitive
information. (CVE-2014-9423)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:: libkadm5srv-mit9

1.12.1+dfsg-10ubuntu0.1; libk5crypto3

1.12.1+dfsg-10ubuntu0.1; krb5-kdc-ldap

1.12.1+dfsg-10ubuntu0.1; libkrad0

1.12.1+dfsg-10ubuntu0.1; krb5-otp

1.12.1+dfsg-10ubuntu0.1; libkdb5-7

1.12.1+dfsg-10ubuntu0.1; krb5-pkinit

1.12.1+dfsg-10ubuntu0.1; libkadm5clnt-mit9

1.12.1+dfsg-10ubuntu0.1; libkrb5-3

1.12.1+dfsg-10ubuntu0.1; krb5-user

1.12.1+dfsg-10ubuntu0.1; krb5-kdc

1.12.1+dfsg-10ubuntu0.1; libgssrpc4

1.12.1+dfsg-10ubuntu0.1; libkrb5support0

1.12.1+dfsg-10ubuntu0.1; libgssapi-krb5-2

1.12.1+dfsg-10ubuntu0.1; krb5-admin-server

1.12.1+dfsg-10ubuntu0.1
Ubuntu 14.04 LTS:: libkadm5srv-mit9

1.12+dfsg-2ubuntu5.1; libkadm5srv-mit8

1.12+dfsg-2ubuntu5.1; libk5crypto3

1.12+dfsg-2ubuntu5.1; krb5-kdc-ldap

1.12+dfsg-2ubuntu5.1; libkrad0

1.12+dfsg-2ubuntu5.1; krb5-otp

1.12+dfsg-2ubuntu5.1; libkdb5-7

1.12+dfsg-2ubuntu5.1; krb5-pkinit

1.12+dfsg-2ubuntu5.1; libkadm5clnt-mit9

1.12+dfsg-2ubuntu5.1; libkrb5-3

1.12+dfsg-2ubuntu5.1; krb5-user

1.12+dfsg-2ubuntu5.1; krb5-kdc

1.12+dfsg-2ubuntu5.1; libgssrpc4

1.12+dfsg-2ubuntu5.1; libkrb5support0

1.12+dfsg-2ubuntu5.1; libgssapi-krb5-2

1.12+dfsg-2ubuntu5.1; krb5-admin-server

1.12+dfsg-2ubuntu5.1
Ubuntu 12.04 LTS:: libkadm5srv-mit8

1.10+dfsg~beta1-2ubuntu0.6; libk5crypto3

1.10+dfsg~beta1-2ubuntu0.6; krb5-kdc-ldap

1.10+dfsg~beta1-2ubuntu0.6; libkdb5-6

1.10+dfsg~beta1-2ubuntu0.6; libkrb53

1.10+dfsg~beta1-2ubuntu0.6; krb5-pkinit

1.10+dfsg~beta1-2ubuntu0.6; libkadm5clnt-mit8

1.10+dfsg~beta1-2ubuntu0.6; libkrb5-3

1.10+dfsg~beta1-2ubuntu0.6; krb5-user

1.10+dfsg~beta1-2ubuntu0.6; krb5-kdc

1.10+dfsg~beta1-2ubuntu0.6; libgssrpc4

1.10+dfsg~beta1-2ubuntu0.6; libkrb5support0

1.10+dfsg~beta1-2ubuntu0.6; libgssapi-krb5-2

1.10+dfsg~beta1-2ubuntu0.6; krb5-admin-server

1.10+dfsg~beta1-2ubuntu0.6
Ubuntu 10.04 LTS:: libk5crypto3

1.8.1+dfsg-2ubuntu0.14; krb5-kdc-ldap

1.8.1+dfsg-2ubuntu0.14; libkdb5-4

1.8.1+dfsg-2ubuntu0.14; libkadm5srv-mit7

1.8.1+dfsg-2ubuntu0.14; krb5-pkinit

1.8.1+dfsg-2ubuntu0.14; krb5-admin-server

1.8.1+dfsg-2ubuntu0.14; libkrb5-3

1.8.1+dfsg-2ubuntu0.14; krb5-user

1.8.1+dfsg-2ubuntu0.14; krb5-kdc

1.8.1+dfsg-2ubuntu0.14; libgssrpc4

1.8.1+dfsg-2ubuntu0.14; libkrb5support0

1.8.1+dfsg-2ubuntu0.14; libgssapi-krb5-2

1.8.1+dfsg-2ubuntu0.14; libkadm5clnt-mit7

1.8.1+dfsg-2ubuntu0.14

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CentOS

CESA-2015:0164 Moderate CentOS 5 kernel SecurityUpdate

February 11, 2015 007admin

CentOS Errata and Security Advisory 2015:0164 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0164.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
fbc6e365d23d3da286bf9bded550eabd318a21040f34fa096f1738ebb085767a  kernel-2.6.18-402.el5.i686.rpm
d477e8c147231636fb3b4ff56faba8aab779e2879e17fc04572bc8807988e472  kernel-debug-2.6.18-402.el5.i686.rpm
03fa9ae6513e5d2a707af5f4bccd8b1015c84b2bfbc7d1d10d6c80e1ad9a93f9  kernel-debug-devel-2.6.18-402.el5.i686.rpm
231997d5368ad7f96cd257cbf18cfcfbe430696d8af4f3974aa11d4016e30b60  kernel-devel-2.6.18-402.el5.i686.rpm
6acd771664c710e4ab60e2411f445346f277993525db15f67369ecf6960fc8ac  kernel-doc-2.6.18-402.el5.noarch.rpm
7acf02229076c89de3aaca3d30362b37bb2d13a472031a30aaf81160489bbc0f  kernel-headers-2.6.18-402.el5.i386.rpm
4b6e411599708a2fd881009b5dcbd676af58827b96cccb082cb3f5854f1871e9  kernel-PAE-2.6.18-402.el5.i686.rpm
d75baea1b6c5d5027c7f9d75408ca0bf63efca74fe3f36bbd257dbe5f3fd4288  kernel-PAE-devel-2.6.18-402.el5.i686.rpm
2dd5a0cd5c2b15081026fe5ece64a9ae32d6ae306fa807f50211b871f68e58df  kernel-xen-2.6.18-402.el5.i686.rpm
493f77a0af04025edbdc0350488477f39752ba59d4765efcb49f427bb6dfd761  kernel-xen-devel-2.6.18-402.el5.i686.rpm

x86_64:
e2d3e0ca21641dac3412c38d076ea849f5269a607be6146edad1952efa67ec5e  kernel-2.6.18-402.el5.x86_64.rpm
5ab8f391d375c1fefcbc570d9bd1293fbee2140c1c6e6a8fa8ab73554b1fe24b  kernel-debug-2.6.18-402.el5.x86_64.rpm
cfaf3065d7e69629c50cbe3b4d9178b93f8cdfc30e85e74811fddb91d8357a25  kernel-debug-devel-2.6.18-402.el5.x86_64.rpm
1d562cbc7192f4fb46cc77d123adfbfe30e31c30ed37edcef568fd529954e888  kernel-devel-2.6.18-402.el5.x86_64.rpm
6acd771664c710e4ab60e2411f445346f277993525db15f67369ecf6960fc8ac  kernel-doc-2.6.18-402.el5.noarch.rpm
2041c9eb7f889c907f34c1e04749304f69298f352f2ba7d19f2c3d726fda8726  kernel-headers-2.6.18-402.el5.x86_64.rpm
53be0ecf7943ece4f03c815af776891f8901c8faf589bf1fff0aa05684a13248  kernel-xen-2.6.18-402.el5.x86_64.rpm
e416468d318e5af8228ec6e1248fb5f3b60b656827b6232f47f6918bc224c872  kernel-xen-devel-2.6.18-402.el5.x86_64.rpm

Source:
bf2745e93b295e13bb88c3d10304f0403cb943373110f26db204c75704df7000  kernel-2.6.18-402.el5.src.rpm

ESET

Census Scams and â€˜Grandparent Scamsâ€™

February 10, 2015 007admin

Two phone scams of a type that might be new to you: fake surveys asking dangerous questions, and a Londoning scam that seems to target seniors.

The post Census Scams and ‘Grandparent Scams’ appeared first on We Live Security.

NVD

CVE-2015-0055

February 10, 2015 007admin

Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka “Internet Explorer Elevation of Privilege Vulnerability.”

NVD

CVE-2015-0054

February 10, 2015 007admin

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka “Internet Explorer Elevation of Privilege Vulnerability.”

NVD

CVE-2015-0057

February 10, 2015 007admin

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability.”

NVD

CVE-2015-0058

February 10, 2015 007admin

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka “Windows Cursor Object Double Free Vulnerability.”

NVD

CVE-2015-0059

February 10, 2015 007admin

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted TrueType font, aka “TrueType Font Parsing Remote Code Execution Vulnerability.”

NVD

CVE-2015-0060

February 10, 2015 007admin

The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka “Windows Font Driver Denial of Service Vulnerability.”

NVD

CVE-2015-0061

February 10, 2015 007admin

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive information from process memory via a crafted image file, aka “TIFF Processing Information Disclosure Vulnerability.”

007 Software

Monthly Archives: February 2015

USN-2498-1: Kerberos vulnerabilities

Ubuntu Security Notice USN-2498-1

krb5 vulnerabilities

Summary

Software description

Details

Update instructions

References

CESA-2015:0164 Moderate CentOS 5 kernel SecurityUpdate

Census Scams and â€˜Grandparent Scamsâ€™

CVE-2015-0055

CVE-2015-0054

CVE-2015-0057

CVE-2015-0058

CVE-2015-0059

CVE-2015-0060

CVE-2015-0061

Software and Security Information