Bug 3178 - krb5 needs to be patched for CVE-2011-1528 and CVE-2011-1529
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 1
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
Keywords: validated_update
Reported: 2011-10-25 12:56 CEST by Pascal Terjan
Modified: 2011-11-04 22:17 CET
Source RPM: krb5

Description Pascal Terjan 2011-10-25 12:56:07 CEST
CVE-2011-1528
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function.

CVE-2011-1529
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors.
Comment 1 Manuel Hiebel 2011-10-25 13:08:56 CEST
As there is no maintainer of the package, I added the committers of the package.

Please, see also bug 2064.

CC: (none) => arnaud.patard, guillomovitch, mageia, saispo

Comment 2 Guillaume Rousse 2011-11-01 16:55:32 CET
Patched release 1.8.3-5.1 available in updates_testing, untested.
Comment 3 Manuel Hiebel 2011-11-01 18:26:58 CET
Ok thanks.

As we don't really have a 'security team' I assign this bug to the QA.

Assignee: bugsquad => qa-bugs

Comment 4 claire robinson 2011-11-02 10:42:34 CET
How do you suggest testing this?
Comment 5 Guillaume Rousse 2011-11-02 13:36:03 CET
It depends what you want to test exactly.

If you just want to test that the new package release is functional, you have to set up a KDC, create a minimal Kerberos realm, and test retrieving credentials for it.

If you want to test that the vulnerabilities have been corrected, you also have to find an exploit, and test it against your server.

In both cases, if you don't know Kerberos, that's quite difficult to do. So, my suggestion would be extra-minimalist: just try to install the package. Sure, that is quite far away from functional testing. But probably not very far from the testing level of the current package in Mageia 1 anyway...
Comment 6 claire robinson 2011-11-02 14:35:14 CET
Thank you Guillaume.

I've updated it; it seems to be recursively required by more or less everything, so will check for any breakage.
Comment 7 claire robinson 2011-11-03 13:39:22 CET
No breakage noticed, so I think testing is complete on x86_64 unless there is a better way to do this.
Comment 8 claire robinson 2011-11-04 10:31:37 CET
No negative effects noticed on i586 either, so I am going to validate.

Advisory
--------------------
This security update provides fixes for two CVEs

CVE-2011-1528
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in
MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the
LDAP back end is used, allows remote attackers to cause a denial of service
(assertion failure and daemon exit) via unspecified vectors, related to the
locked_check_p function.

CVE-2011-1529
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT
Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2
(aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a
denial of service (NULL pointer dereference and daemon crash) via vectors that
trigger certain process_as_req errors.
---------------------------

krb5-1.8.3-5.1.mga1.src.rpm  


Could sysadmin please push from core/updates_testing to core/updates?

Thank you!

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
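
Added example, not part of the original bug thread or of Mageia's tooling: a check that classifies an installed krb5 build against the affected upstream ranges quoted in the advisory and the fixed build krb5-1.8.3-5.1.mga1 named in this bug. It shows why a version-only comparison misreports the backported fix, since upstream 1.8.3 stays inside the affected range. The function names, the simplified rpm-style comparison and all sample inputs other than 1.8.3-5.1.mga1 are assumptions made for illustration.

```python
import re

# Affected upstream ranges, as quoted in the advisory text in this bug.
AFFECTED = [("1.8", "1.8.4"), ("1.9", "1.9.1")]
# Fixed Mageia 1 build, from krb5-1.8.3-5.1.mga1.src.rpm named in this bug.
FIXED_VERSION, FIXED_RELEASE = "1.8.3", "5.1.mga1"


def vercmp(a, b):
    """Simplified rpm-style compare (assumption: no epoch, '~' or '^')."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric run beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def upstream_affected(version):
    """True if the upstream version lies inside a range from the advisory."""
    return any(vercmp(lo, version) <= 0 and vercmp(version, hi) <= 0
               for lo, hi in AFFECTED)


def assess(version_release):
    """Classify a 'VERSION-RELEASE' string, e.g. from
    rpm -q --qf '%{VERSION}-%{RELEASE}' krb5."""
    version, _, release = version_release.partition("-")
    if not upstream_affected(version):
        return "not affected"
    # Backport: upstream version stays in range, only the release moves.
    if vercmp(version, FIXED_VERSION) == 0 and vercmp(release, FIXED_RELEASE) >= 0:
        return "patched"
    return "affected"


if __name__ == "__main__":
    # Constructed inputs; only 1.8.3-5.1.mga1 is a build named on this page.
    for vr in ["1.8.3-5.1.mga1", "1.8.3-5.mga1", "1.9.1-1.mga1", "1.10-1.mga2"]:
        print(f"krb5-{vr}: {assess(vr)}")
```
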

Comment 9 Thomas Backlund 2011-11-04 22:17:16 CET
Update pushed.

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

