Vulnerability Details
MIT Kerberos 5 Telnet Daemon Authentication Bypass Vulnerability
- CNNVD ID: CNNVD-200704-091
- Severity: Critical
- CVE ID: CVE-2007-0956
- Vulnerability type: Access control error
- Published: 2007-04-05
- Threat type: Remote
- Updated: 2021-02-03
- Vendor: debian
- Source: MIT
Vulnerability Summary
Kerberos is a network authentication protocol developed by the Massachusetts Institute of Technology (MIT). It uses a client/server architecture in which the client and the server each authenticate the other (mutual authentication), protecting against eavesdropping and replay attacks. MIT Kerberos 5 (also known as krb5) is MIT's implementation of the protocol.
The telnet daemon shipped with MIT krb5 does not adequately check and filter argument data; a remote attacker can exploit this to bypass authentication and gain unauthorized access.
Specifically, the krb5 telnet daemon does not adequately validate the username. login.krb5 interprets a malformed username beginning with "-e" as a command-line flag passed by telnetd, which causes login.krb5 to run part of the BSD rlogin protocol and allows an arbitrary username and options to be injected, so a login as that user succeeds without a password or any other authentication.
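As an added illustration (not code from MIT, Debian or this advisory), a C model of the argument-injection pattern described above: a daemon hands a client-chosen username to a login program as a positional argument, and any name beginning with '-' is consumed as a flag instead. The option scanner and the `username_is_safe` check are hypothetical; the vendor patch is the actual fix.

```c
#include <string.h>
#include <ctype.h>

/* Minimal option scanner modelling how a login program reads its argv
 * (hypothetical, not login.krb5's parser): every argument beginning with '-'
 * is a flag bundle, the first other argument is the username. Returns the
 * number of arguments that were treated as flags. */
static int scan_login_argv(int argc, const char *const argv[], const char **user)
{
    int flags = 0;
    *user = NULL;
    for (int i = 1; i < argc; i++) {
        if (argv[i][0] == '-')
            flags++;              /* "-p", "-e", ... all look like options */
        else if (*user == NULL)
            *user = argv[i];      /* first non-option word is the account name */
    }
    return flags;
}

/* Vulnerable pattern: the daemon places the client-supplied username straight
 * into the login program's argv. Returns 1 when the parser swallowed the name
 * as a flag (so no username reached the login logic), 0 when it was a user. */
int username_becomes_flag(const char *client_username)
{
    const char *argv[] = { "login", "-p", client_username, NULL };
    const char *user;
    scan_login_argv(3, argv, &user);
    return user == NULL;
}

/* Hardened check a daemon should apply before exec'ing the login program:
 * reject empty or over-long names, any leading '-', and any byte outside the
 * ASCII account-name set. Returns 1 if the name may be passed on. */
int username_is_safe(const char *u)
{
    size_t n = strlen(u);
    if (n == 0 || n > 32 || u[0] == '-')
        return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)u[i];
        if (c >= 0x80 || !(isalnum(c) || c == '_' || c == '.' || c == '-'))
            return 0;
    }
    return 1;
}
```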
Advisory
Temporary workaround:
* Disable telnetd.
Vendor patches:
Debian
------
Debian has published a security advisory (DSA-1276-1) with the corresponding patches:
DSA-1276-1: New krb5 packages fix several vulnerabilities
Link:
http://www.debian.org/security/2007/dsa-1276
Patch downloads: see the advisory linked above.
References
- SECUNIA: http://secunia.com/advisories/24755
- SECUNIA: http://secunia.com/advisories/24736
- MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2007:077
- REDHAT: http://www.redhat.com/support/errata/RHSA-2007-0095.HTML
- SECUNIA: http://secunia.com/advisories/24735
- SECUNIA: http://secunia.com/advisories/24757
- BUGTRAQ: http://www.securityfocus.com/archive/1/464590/100/0/threaded
- BID: https://www.securityfocus.com/bid/23281
- CERT: http://www.us-cert.gov/cas/techalerts/TA07-093B.HTML
- SECUNIA: http://secunia.com/advisories/24817
- SUNALERT: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102867-1
- BUGTRAQ: http://www.securityfocus.com/archive/1/464666/100/0/threaded
- GENTOO: http://security.gentoo.org/glsa/glsa-200704-02.xml
- VUPEN: http://www.vupen.com/english/advisories/2007/1218
- CERT-VN: http://www.kb.cert.org/vuls/id/220816
- SECUNIA: http://secunia.com/advisories/24785
- UBUNTU: http://www.ubuntu.com/usn/usn-449-1
- SECUNIA: http://secunia.com/advisories/24740
- SECUNIA: http://secunia.com/advisories/24786
- BUGTRAQ: http://www.securityfocus.com/archive/1/464814/30/7170/threaded
- DEBIAN: https://www.debian.org/security/2007/dsa-1276
- CONFIRM: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-001-telnetd.txt
- SECUNIA: http://secunia.com/advisories/24706
- SECTRACK: http://www.securitytracker.com/id?1017848
- XF: https://exchange.xforce.ibmcloud.com/vulnerabilities/33414
- VUPEN: http://www.vupen.com/english/advisories/2007/1249
- SUSE: http://lists.suse.com/archive/suse-security-announce/2007-Apr/0001.HTML
- OVAL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10046
- SECUNIA: http://secunia.com/advisories/24750
Affected Entities
- Debian Debian_linux:3.1
- Debian Debian_linux:4.0
Patch
None available