Linux News Today: Numerous Kerberos Vulnerabilities Have Been Fixed in All Ubuntu OSes

Canonical has published details in a security notice about a number of Kerberos vulnerabilities that have been found and fixed in Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems.

The Ubuntu maintainers for this utility have released a new update for the Kerberos package (MIT Kerberos Network Authentication Protocol), and users should really take the opportunity and upgrade the system.

According to the security notice, “It was discovered that the Kerberos kdcpreauth modules incorrectly tracked certain client requests. A remote attacker could possibly use this issue to bypass intended preauthentication requirements. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04.”

This is just one of the problems that have been fixed. For a more detailed description of the vulnerabilities, you can see Canonical’s security notification. Users should upgrade their Linux distribution in order to correct this issue.

The flaw can be fixed if you upgrade your system(s) to the latest Kerberos-related package and their dependencies, specific to each distribution. To apply the patch, users can simply run the Update Manager application.

If you don’t want to use the Software Updater, you can open a terminal and enter the following commands (you will need to be root):

code
sudo apt-get update
sudo apt-get dist-upgrade

In general, a standard system update will make all the necessary changes, and rebooting the system is not required to complete the process.

Via Softpedia

Wagiman Wiryosukiro

Petani Sistem Informasi, tukang las plugin & themes Wordpress. Co-Founder SistemInformasi.biz. Saat ini aktif sebagai Developer & kontributor di OpenMandriva Linux.

You may also like...

%d bloggers like this: