Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > December 2006 > Two Red Hat Security Advisories: 1. RHSA-2006:0746-01 - Low: mod_auth_kerb security update 2. RHSA-2006:0754-01 - Important: gnupg security update

December 2006

Two Red Hat Security Advisories: 1. RHSA-2006:0746-01 - Low: mod_auth_kerb security update 2. RHSA-2006:0754-01 - Important: gnupg security update

ID: 00856
Ref: 812/2006
Date: 07 December 2006:13:49:34
Version: 1
Title: Two Red Hat Security Advisories: 1. RHSA-2006:0746-01 - Low: mod_auth_kerb security update 2. RHSA-2006:0754-01 - Important: gnupg security update
Abstract:
Vendors affected: Red Hat
Operating systems affected: Red Hat
Applications affected: Red Hat
Title
=====

Two Red Hat Security Advisories:

1. RHSA-2006:0746-01 - Low: mod_auth_kerb security update

2. RHSA-2006:0754-01 - Important: gnupg security update

Detail
======

1. mod_auth_kerb is module for the Apache HTTP Server designed to provide Kerberos authentication over HTTP.
An off by one flaw was found in the way mod_auth_kerb handles certain Kerberos authentication messages. A remote client could send a specially crafted authentication request which could crash an httpd child process

2. GnuPG is a utility for encrypting data and creating digital signatures.
Tavis Ormandy discovered a stack overwrite flaw in the way GnuPG decrypts messages. An attacker could create carefully crafted message that could cause GnuPG to execute arbitrary code if a victim attempts to decrypt the message.




1.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Low: mod_auth_kerb security update
Advisory ID: RHSA-2006:0746-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0746.html
Issue date: 2006-12-06
Updated on: 2006-12-06
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-5989
- ---------------------------------------------------------------------

1. Summary:

Updated mod_auth_kerb packages that fix a security flaw and a bug in multiple realm handling are now available for Red Hat Enterprise Linux 4.

This update has been rated as having low security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

mod_auth_kerb is module for the Apache HTTP Server designed to provide Kerberos authentication over HTTP.

An off by one flaw was found in the way mod_auth_kerb handles certain Kerberos authentication messages. A remote client could send a specially crafted authentication request which could crash an httpd child process (CVE-2006-5989).

A bug in the handling of multiple realms configured using the "KrbAuthRealms" directive has also been fixed.

All users of mod_auth_kerb should upgrade to these updated packages, which contain backported patches that resolve these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

216482 - CVE-2006-5989 mod_auth_kerb segfault with FC6 client

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mod_auth_kerb-5.0-1.3.src.rpm
24131bdecf30d669d2fb2692dbcfad27 mod_auth_kerb-5.0-1.3.src.rpm

i386:
1d5e62b7225a6e2000af86b789045413 mod_auth_kerb-5.0-1.3.i386.rpm
fed4a53b16b7bfd7a4a0dfaca62f5be6 mod_auth_kerb-debuginfo-5.0-1.3.i386.rpm

ia64:
443b99ef514df01db87733b155f93650 mod_auth_kerb-5.0-1.3.ia64.rpm e0779dc88b1b5091cb40636b8837b530 mod_auth_kerb-debuginfo-5.0-1.3.ia64.rpm

ppc:
5436a1f27cf066c1726129704acc40cd mod_auth_kerb-5.0-1.3.ppc.rpm eef5905de44e82c650de1c10e58587db mod_auth_kerb-debuginfo-5.0-1.3.ppc.rpm

s390:
2fcd997ce2d9993f1cf3a934be8495c9 mod_auth_kerb-5.0-1.3.s390.rpm bf7c624895dcbad7e5e571110ed20e2a mod_auth_kerb-debuginfo-5.0-1.3.s390.rpm

s390x:
e689f54999dd02f97d39ac840f009ede mod_auth_kerb-5.0-1.3.s390x.rpm
af70fab7de73d73652f33a8a6b74b493 mod_auth_kerb-debuginfo-5.0-1.3.s390x.rpm

x86_64:
f586b2f0183882e66b848020a0226b9c mod_auth_kerb-5.0-1.3.x86_64.rpm 407aa8cbe7e8feb41b3f8a567d8b5a8d mod_auth_kerb-debuginfo-5.0-1.3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mod_auth_kerb-5.0-1.3.src.rpm
24131bdecf30d669d2fb2692dbcfad27 mod_auth_kerb-5.0-1.3.src.rpm

i386:
1d5e62b7225a6e2000af86b789045413 mod_auth_kerb-5.0-1.3.i386.rpm
fed4a53b16b7bfd7a4a0dfaca62f5be6 mod_auth_kerb-debuginfo-5.0-1.3.i386.rpm

x86_64:
f586b2f0183882e66b848020a0226b9c mod_auth_kerb-5.0-1.3.x86_64.rpm 407aa8cbe7e8feb41b3f8a567d8b5a8d mod_auth_kerb-debuginfo-5.0-1.3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mod_auth_kerb-5.0-1.3.src.rpm
24131bdecf30d669d2fb2692dbcfad27 mod_auth_kerb-5.0-1.3.src.rpm

i386:
1d5e62b7225a6e2000af86b789045413 mod_auth_kerb-5.0-1.3.i386.rpm
fed4a53b16b7bfd7a4a0dfaca62f5be6 mod_auth_kerb-debuginfo-5.0-1.3.i386.rpm

ia64:
443b99ef514df01db87733b155f93650 mod_auth_kerb-5.0-1.3.ia64.rpm e0779dc88b1b5091cb40636b8837b530 mod_auth_kerb-debuginfo-5.0-1.3.ia64.rpm

x86_64:
f586b2f0183882e66b848020a0226b9c mod_auth_kerb-5.0-1.3.x86_64.rpm 407aa8cbe7e8feb41b3f8a567d8b5a8d mod_auth_kerb-debuginfo-5.0-1.3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mod_auth_kerb-5.0-1.3.src.rpm
24131bdecf30d669d2fb2692dbcfad27 mod_auth_kerb-5.0-1.3.src.rpm

i386:
1d5e62b7225a6e2000af86b789045413 mod_auth_kerb-5.0-1.3.i386.rpm
fed4a53b16b7bfd7a4a0dfaca62f5be6 mod_auth_kerb-debuginfo-5.0-1.3.i386.rpm

ia64:
443b99ef514df01db87733b155f93650 mod_auth_kerb-5.0-1.3.ia64.rpm e0779dc88b1b5091cb40636b8837b530 mod_auth_kerb-debuginfo-5.0-1.3.ia64.rpm

x86_64:
f586b2f0183882e66b848020a0226b9c mod_auth_kerb-5.0-1.3.x86_64.rpm 407aa8cbe7e8feb41b3f8a567d8b5a8d mod_auth_kerb-debuginfo-5.0-1.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989
http://www.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFFdwdIXlSAg2UNWIIRAslDAJ0ek4iwjjdQFh/LOnsw+5ocnZgHCACfWJTG
83Jagq0sAH6vMr7cgCsCOHI=
=u6te
-----END PGP SIGNATURE-----



2.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: gnupg security update
Advisory ID: RHSA-2006:0754-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0754.html
Issue date: 2006-12-06
Updated on: 2006-12-06
Product: Red Hat Enterprise Linux
Keywords: printable string decrypt heap overflow
CVE Names: CVE-2006-6169 CVE-2006-6235
- ---------------------------------------------------------------------

1. Summary:

Updated GnuPG packages that fix two security issues are now available.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

GnuPG is a utility for encrypting data and creating digital signatures.

Tavis Ormandy discovered a stack overwrite flaw in the way GnuPG decrypts messages. An attacker could create carefully crafted message that could cause GnuPG to execute arbitrary code if a victim attempts to decrypt the message.
(CVE-2006-6235)

A heap based buffer overflow flaw was found in the way GnuPG constructs messages to be written to the terminal during an interactive session. An attacker could create a carefully crafted message which with user interaction could cause GnuPG to execute arbitrary code with the permissions of the user running GnuPG. (CVE-2006-6169)

All users of GnuPG are advised to upgrade to this updated package, which contains a backported patch to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

218505 - CVE-2006-6169 GnuPG heap overflow

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gnupg-1.0.7-20.src.rpm
55f3008c00505b9ed691a1621f9f679b gnupg-1.0.7-20.src.rpm

i386:
25113e54fca82c67a1adb0d14c536aa9 gnupg-1.0.7-20.i386.rpm

ia64:
6a3a3c6dc0e4b65fd5eddc75a422fead gnupg-1.0.7-20.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gnupg-1.0.7-20.src.rpm
55f3008c00505b9ed691a1621f9f679b gnupg-1.0.7-20.src.rpm

ia64:
6a3a3c6dc0e4b65fd5eddc75a422fead gnupg-1.0.7-20.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gnupg-1.0.7-20.src.rpm
55f3008c00505b9ed691a1621f9f679b gnupg-1.0.7-20.src.rpm

i386:
25113e54fca82c67a1adb0d14c536aa9 gnupg-1.0.7-20.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gnupg-1.0.7-20.src.rpm
55f3008c00505b9ed691a1621f9f679b gnupg-1.0.7-20.src.rpm

i386:
25113e54fca82c67a1adb0d14c536aa9 gnupg-1.0.7-20.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gnupg-1.2.1-19.src.rpm
2006add6d6ece17f59f4a9397d621665 gnupg-1.2.1-19.src.rpm

i386:
39045347836c30667687d601a58965a9 gnupg-1.2.1-19.i386.rpm e1a346200fd6628fefcdcc721083e91f gnupg-debuginfo-1.2.1-19.i386.rpm

ia64:
978ff04512ff5e7706d505e0fa46e0eb gnupg-1.2.1-19.ia64.rpm 03269279b06d98af518bd405c3313bad gnupg-debuginfo-1.2.1-19.ia64.rpm

ppc:
7f21902fb2f508d735bbc430a01765f4 gnupg-1.2.1-19.ppc.rpm e8019cb279d04aa65a9faf52ab0a46c0 gnupg-debuginfo-1.2.1-19.ppc.rpm

s390:
d9fefbd2ef988552d9b1b3b0a890acef gnupg-1.2.1-19.s390.rpm
5efc90cef0cac23eda451e1508e09fd2 gnupg-debuginfo-1.2.1-19.s390.rpm

s390x:
5fe40389e0aeb86ab0b9b1d413e899d1 gnupg-1.2.1-19.s390x.rpm
0353ea95434201e538e81809117fab33 gnupg-debuginfo-1.2.1-19.s390x.rpm

x86_64:
4cd47c1ff13aecfc4fb235e98b156e06 gnupg-1.2.1-19.x86_64.rpm 1a327c028d1e44f3747c890f6c926d9a gnupg-debuginfo-1.2.1-19.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gnupg-1.2.1-19.src.rpm
2006add6d6ece17f59f4a9397d621665 gnupg-1.2.1-19.src.rpm

i386:
39045347836c30667687d601a58965a9 gnupg-1.2.1-19.i386.rpm e1a346200fd6628fefcdcc721083e91f gnupg-debuginfo-1.2.1-19.i386.rpm

x86_64:
4cd47c1ff13aecfc4fb235e98b156e06 gnupg-1.2.1-19.x86_64.rpm 1a327c028d1e44f3747c890f6c926d9a gnupg-debuginfo-1.2.1-19.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gnupg-1.2.1-19.src.rpm
2006add6d6ece17f59f4a9397d621665 gnupg-1.2.1-19.src.rpm

i386:
39045347836c30667687d601a58965a9 gnupg-1.2.1-19.i386.rpm e1a346200fd6628fefcdcc721083e91f gnupg-debuginfo-1.2.1-19.i386.rpm

ia64:
978ff04512ff5e7706d505e0fa46e0eb gnupg-1.2.1-19.ia64.rpm 03269279b06d98af518bd405c3313bad gnupg-debuginfo-1.2.1-19.ia64.rpm

x86_64:
4cd47c1ff13aecfc4fb235e98b156e06 gnupg-1.2.1-19.x86_64.rpm 1a327c028d1e44f3747c890f6c926d9a gnupg-debuginfo-1.2.1-19.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gnupg-1.2.1-19.src.rpm
2006add6d6ece17f59f4a9397d621665 gnupg-1.2.1-19.src.rpm

i386:
39045347836c30667687d601a58965a9 gnupg-1.2.1-19.i386.rpm e1a346200fd6628fefcdcc721083e91f gnupg-debuginfo-1.2.1-19.i386.rpm

ia64:
978ff04512ff5e7706d505e0fa46e0eb gnupg-1.2.1-19.ia64.rpm 03269279b06d98af518bd405c3313bad gnupg-debuginfo-1.2.1-19.ia64.rpm

x86_64:
4cd47c1ff13aecfc4fb235e98b156e06 gnupg-1.2.1-19.x86_64.rpm 1a327c028d1e44f3747c890f6c926d9a gnupg-debuginfo-1.2.1-19.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gnupg-1.2.6-8.src.rpm
4d919fce07aa4051c6a8ec5f871430c8 gnupg-1.2.6-8.src.rpm

i386:
640862942e412f7070f4633cef6a480e gnupg-1.2.6-8.i386.rpm
b389e7abc34289a7ed4b302893c10396 gnupg-debuginfo-1.2.6-8.i386.rpm

ia64:
0d1191dcf30c72a93282dfec862dbef6 gnupg-1.2.6-8.ia64.rpm
840fcfbd4a0078df5390cf206efe7c27 gnupg-debuginfo-1.2.6-8.ia64.rpm

ppc:
1c64e01d7a0e6adbf2c069303f28c66b gnupg-1.2.6-8.ppc.rpm 56d59005e8c51bda61edd99e75ef692b gnupg-debuginfo-1.2.6-8.ppc.rpm

s390:
6f007a82e0b769988ba97132db09053b gnupg-1.2.6-8.s390.rpm ac9c8f7fcd9313dc2ec9d53d206227de gnupg-debuginfo-1.2.6-8.s390.rpm

s390x:
bbf9eab34a9282fd30698bc0d27ff11f gnupg-1.2.6-8.s390x.rpm 6dd7b0cb8904abf3216de58be7bbb110 gnupg-debuginfo-1.2.6-8.s390x.rpm

x86_64:
800e7c982ba81ae0651b0091fdf61a63 gnupg-1.2.6-8.x86_64.rpm
fb3f183d427aea368b331b8e008122d7 gnupg-debuginfo-1.2.6-8.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gnupg-1.2.6-8.src.rpm
4d919fce07aa4051c6a8ec5f871430c8 gnupg-1.2.6-8.src.rpm

i386:
640862942e412f7070f4633cef6a480e gnupg-1.2.6-8.i386.rpm
b389e7abc34289a7ed4b302893c10396 gnupg-debuginfo-1.2.6-8.i386.rpm

x86_64:
800e7c982ba81ae0651b0091fdf61a63 gnupg-1.2.6-8.x86_64.rpm
fb3f183d427aea368b331b8e008122d7 gnupg-debuginfo-1.2.6-8.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gnupg-1.2.6-8.src.rpm
4d919fce07aa4051c6a8ec5f871430c8 gnupg-1.2.6-8.src.rpm

i386:
640862942e412f7070f4633cef6a480e gnupg-1.2.6-8.i386.rpm
b389e7abc34289a7ed4b302893c10396 gnupg-debuginfo-1.2.6-8.i386.rpm

ia64:
0d1191dcf30c72a93282dfec862dbef6 gnupg-1.2.6-8.ia64.rpm
840fcfbd4a0078df5390cf206efe7c27 gnupg-debuginfo-1.2.6-8.ia64.rpm

x86_64:
800e7c982ba81ae0651b0091fdf61a63 gnupg-1.2.6-8.x86_64.rpm
fb3f183d427aea368b331b8e008122d7 gnupg-debuginfo-1.2.6-8.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gnupg-1.2.6-8.src.rpm
4d919fce07aa4051c6a8ec5f871430c8 gnupg-1.2.6-8.src.rpm

i386:
640862942e412f7070f4633cef6a480e gnupg-1.2.6-8.i386.rpm
b389e7abc34289a7ed4b302893c10396 gnupg-debuginfo-1.2.6-8.i386.rpm

ia64:
0d1191dcf30c72a93282dfec862dbef6 gnupg-1.2.6-8.ia64.rpm
840fcfbd4a0078df5390cf206efe7c27 gnupg-debuginfo-1.2.6-8.ia64.rpm

x86_64:
800e7c982ba81ae0651b0091fdf61a63 gnupg-1.2.6-8.x86_64.rpm
fb3f183d427aea368b331b8e008122d7 gnupg-debuginfo-1.2.6-8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFFdwd0XlSAg2UNWIIRAlygAKC3BOrJgu7cd5wpyFWuTC2UV23tKQCgtqra
Gd5pkwXxWZqHubmN2e7FFFg=
=MzhE
-----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |