Entegrity Solutions: Access management, SSO, secure file delivery, DCE/DFS
Entegrity DCE Security Patch for
MIT krb5 Security Advisories SA-2005-002 and SA-2005-003
(12-Aug-2005)

Patch Applicability

This patch applies to Entegrity DCE 4.3.2 and 4.2.3 for Tru64 Unix.

If you are running other Entegrity versions, contact Entegrity Support Administration for assistance.

Overview

According to CIAC Bulletin p-249, vulnerabilities were discovered in the MIT krb5 Key Distribution Center (KDC). These vulnerabilities were described in MIT krb5 Security Advisories SA-2005-002 and SA-2005-003.

The bulletin reports that "Heap buffer overflow in the Kerberos KDC may allow an attacker to execute malicious code. A double-free error in krb5_recvauth() library routine may allow an attacker to execute arbitrary code. Also an attacker could trigger an invalid free() and cause a denial of service."

This Entegrity DCE Security Patch addresses these vulnerabilities.

Patch Notes

After this patch has been installed, developers need to change any code that creates an account via the sec_rgy_acct_add call. They must now explicitly set the renewable ticket flag when creating an account via this call.

The flags that need to be set for an account created by the sec_rgy_acct_add call are:

admin_part.authentication_flags = sec_rgy_acct_auth_tgt |
                                  sec_rgy_acct_auth_renewable;

Obtaining the Patch

This patch is available to all Entegrity customers with valid Technical Support contracts. For more information, contact Entegrity Support Administration for assistance.

Applying the Patch

Obtain the patch as described in the previous section.

On each machine that runs the security server (secd):

1. gunzip and then untar the file into a temporary directory.

2. Issue the following commands. The second command (cp /opt...) is a single line; do not include a line break when typing it.

dcesetup stop

cp /opt/dcelocal/bin/secd /opt/dcelocal/bin/secd.pre_secd_patch_11aug2005

cp secd /opt/dcelocal/bin/secd

dcesetup start
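The four commands above, wrapped as an added example script (this is not Entegrity's own installer). It performs the same stop, backup, copy and start sequence, and adds the two checks an operator usually wants: it refuses to overwrite an existing backup, so a second run cannot replace the original binary with an already-patched copy, and it confirms the installed file is byte-identical to the patch before restarting. It assumes the page's path /opt/dcelocal/bin and that dcesetup is on PATH; both are overridable through DCE_BIN and DCESETUP so the functions can be exercised on a scratch directory. On a real security server it must run as root.

```shell
#!/bin/sh
# Added example (not Entegrity's script): apply the patched secd on one security
# server with a dated backup, following the steps on the page, plus two checks.
# Assumptions: DCE_BIN defaults to /opt/dcelocal/bin (the path on the page) and
# dcesetup is on PATH; both are overridable so the functions can be exercised
# against a scratch directory without touching a live cell.
DCE_BIN="${DCE_BIN:-/opt/dcelocal/bin}"
DCESETUP="${DCESETUP:-dcesetup}"
BACKUP_SUFFIX="${BACKUP_SUFFIX:-pre_secd_patch_11aug2005}"

# backup_secd BIN_DIR SUFFIX: copy the current secd aside as secd.SUFFIX.
# Refuses to overwrite an existing backup so a re-run cannot clobber the
# original binary with an already-patched one.
backup_secd() {
  bin_dir="$1"; suffix="$2"
  [ -f "$bin_dir/secd" ] || { echo "no secd in $bin_dir" >&2; return 1; }
  [ -e "$bin_dir/secd.$suffix" ] && { echo "backup $bin_dir/secd.$suffix already exists" >&2; return 1; }
  cp "$bin_dir/secd" "$bin_dir/secd.$suffix"
}

# install_secd NEW_SECD BIN_DIR: copy the patched binary into place, keep it
# executable, and confirm the installed file is byte-identical to the patch.
install_secd() {
  new="$1"; bin_dir="$2"
  [ -f "$new" ] || { echo "patched secd $new not found" >&2; return 1; }
  cp "$new" "$bin_dir/secd" && chmod 0755 "$bin_dir/secd" || return 1
  cmp -s "$new" "$bin_dir/secd" || { echo "install verification failed" >&2; return 1; }
}

# apply_secd_patch PATCH_DIR BIN_DIR SUFFIX: stop secd, back up, install, start.
# Returns non-zero and leaves secd stopped if backup or install fails, so the
# operator inspects the machine rather than starting a half-replaced server.
apply_secd_patch() {
  patch_dir="$1"; bin_dir="$2"; suffix="$3"
  "$DCESETUP" stop || return 1
  backup_secd "$bin_dir" "$suffix" || return 1
  install_secd "$patch_dir/secd" "$bin_dir" || return 1
  "$DCESETUP" start
}

# Usage: sh apply_secd_patch.sh /tmp/secd_patch   (the untarred patch directory)
if [ $# -ge 1 ]; then
  apply_secd_patch "$1" "$DCE_BIN" "$BACKUP_SUFFIX"
fi
```

Keeping secd stopped on failure is deliberate: the page's sequence has no rollback step, and a server started on a partially copied binary is harder to diagnose than one that is simply down, with the backup still in place beside it.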
