Updated krb5-appl packages that fix one security issue are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link(s) associated with each description below.
The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC).
A buffer overflow flaw was found in the MIT krb5 telnet daemon (telnetd). A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root.
Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.
For users who have installed the krb5-appl-servers package, have enabled the krb5 telnet daemon, and have it accessible remotely, this update should be applied immediately.
All krb5-appl-server users should upgrade to these updated packages, which contain a backported patch to correct this issue.
Updated krb5-appl packages that fix two bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.
The krb5-appl packages contain Kerberos-aware versions of clients and servers for the telnet, FTP, rsh, and rlogin protocols.
Prior to this update, the default PAM configuration for the FTP server incorrectly attempted to use the pam_selinux.so module. As a result, users failed to log in. This update corrects the supplied configuration. Now, the FTP server works as expected.
Prior to this update, the FTP server did not correctly parse lines in the /etc/ftpusers file which specified user names in combination with the "restrict" keyword. This update modifies the code so that the server parses the "restrict" keyword correctly.
- BZ#665834, BZ#736364
Prior to this update, the command-line FTP client in the krb5-appl-clients package did not accept command lines longer than 500 characters. This update removes this limitation.
All users of krb5-appl are advised to upgrade to these updated packages, which fix these bugs and add this enhancement.
Updated krb5-appl packages that fix one bug are now available for Red Hat Enterprise Linux 6.
The krb5-appl packages contain Kerberos-aware versions of telnet, ftp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and trusted third-party, the Key Distribution Center (KDC).
When executing either the "mdir" or "mls" command, the FTP client stores results returned by the server in a specified local file. Previously, when opening the file, the client did not ensure that the mode value it passed to the fopen() function was properly null-terminated. This could cause unpredictable failures. This update ensures that the value is properly null-terminated so that the failures no longer occur in this scenario.
All users of krb5-appl are advised to upgrade to these updated packages, which fix this bug.