3cc3468b6a
attack described in SA2001-12 (noted by T. M. Pederson <salvage@plethora.net> in PR pkg/13610). Instead of applying the patch submitted by T. M. Pederson, we upgrade kth-krb4 to 1.0.9 where the vulnerability has been fixed. The upgrade to 1.0.9 was provided by Assar Westerlund <assar@netbsd.org> and slightly modified by myself. Also included is diff file for /etc/services for NetBSD-1.5 (and 1.5.1) also submitted by T. M. Pederson <salvage@plethora.net> in PR 12540. Note: files/services.diff resurfaces as files/services-1.4.2.diff. Closes PR 13610 and PR 12540.
55 lines
2.3 KiB
Diff
55 lines
2.3 KiB
Diff
$NetBSD: services-1.5.diff,v 1.1 2001/08/02 12:46:49 wennmach Exp $
|
|
This patch is relative to NetBSD-1.5/1.5.1
|
|
|
|
--- /etc/services.orig Wed Aug 1 19:29:26 2001
|
|
+++ /etc/services Wed Aug 1 19:42:33 2001
|
|
@@ -52,8 +52,8 @@
|
|
www 80/tcp http # WorldWideWeb HTTP
|
|
www 80/udp # HyperText Transfer Protocol
|
|
link 87/tcp ttylink
|
|
-kerberos 88/tcp krb5 # Kerberos v5
|
|
-kerberos 88/udp
|
|
+#kerberos 88/tcp krb5 # Kerberos v5
|
|
+#kerberos 88/udp
|
|
supdup 95/tcp
|
|
# 100 - reserved
|
|
hostnames 101/tcp hostname # usually from sri-nic
|
|
@@ -211,11 +211,11 @@
|
|
kshell 544/tcp krcmd # Kerberos `rsh'
|
|
ekshell 545/tcp # Encrypted kshell
|
|
kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
|
|
-kerberos-iv 750/udp kdc kerberos4 # Kerberos (server) udp
|
|
-kerberos-iv 750/tcp kdc kerberos4 # Kerberos (server) tcp
|
|
-kerberos-master 751/udp # Kerberos admin server udp
|
|
-kerberos-master 751/tcp # Kerberos admin server tcp
|
|
-hprop 754/tcp # Heimdal KDC database propagation
|
|
+#kerberos-iv 750/udp kdc kerberos4 # Kerberos (server) udp
|
|
+#kerberos-iv 750/tcp kdc kerberos4 # Kerberos (server) tcp
|
|
+#kerberos-master 751/udp # Kerberos admin server udp
|
|
+#kerberos-master 751/tcp # Kerberos admin server tcp
|
|
+#hprop 754/tcp # Heimdal KDC database propagation
|
|
krbupdate 760/tcp kreg # BSD Kerberos registration
|
|
kpasswd 761/tcp kpwd # BSD Kerberos `passwd'
|
|
kpop 1109/tcp # Kerberos POP server
|
|
@@ -265,3 +265,21 @@
|
|
codasrv 2432/udp # server port
|
|
codasrv-se 2433/tcp # tcp side effects
|
|
codasrv-se 2433/udp # udp sftp side effect
|
|
+
|
|
+#
|
|
+# KTH Kerberos IV implementation
|
|
+# Substitutes and/or adds alternate names with respect to Kerberos V
|
|
+# services.
|
|
+#
|
|
+kerberos-sec 88/tcp krb5 # Kerberos secondary port TCP
|
|
+kerberos-sec 88/udp # Kerberos secondary port UDP
|
|
+kerberos-adm 749/udp # v5 kadmin
|
|
+kerberos-iv 750/udp kdc kerberos kerberos4 # Kerberos (server) udp
|
|
+kerberos-iv 750/tcp kdc kerberos kerberos4 # Kerberos (server) tcp
|
|
+kerberos-master 751/udp kerberos_master # Kerberos admin server udp
|
|
+kerberos-master 751/tcp kerberos_master # Kerberos admin server tcp
|
|
+hprop 754/tcp krb_prop # Heimdal KDC database propagation
|
|
+rkinit 2108/tcp # Kerberos remote kinit
|
|
+kx 2111/tcp # X over kerberos
|
|
+kip 2112/tcp # IP over kerberos
|
|
+kauth 2120/tcp # Remote kauth
|