Executive Summary

Summary
Title krb5 security, bug fix, and enhancement update
Informations
Name RHSA-2016:2591 First vendor Publication 2016-11-03
Vendor RedHat Last vendor Modification 2016-11-03
Severity (Vendor) N/A Revision 02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Cvss Base Score 4 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An update for krb5 is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

The following packages have been upgraded to a newer upstream version: krb5 (1.14.1). (BZ#1292153)

Security Fix(es):

* A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereference a null pointer and crash by supplying an empty DB argument to the modify_principal command, if kadmind was configured to use the LDAP KDB module. (CVE-2016-3119)

* A NULL pointer dereference flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to dereference a null pointer and crash by making an S4U2Self request, if the restrict_anonymous_to_tgt option was set to true. (CVE-2016-3120)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, running Kerberos services (krb5kdc, kadmin, and kprop) will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1135427 - kadmin.local -q with wrong value in -e option doesn't return nonzero return code 1146945 - RFE: Kerberos should support dropping configuration snippets to /etc/ and /usr 1183058 - krb5-server requires systemd-sysv when it shouldn't need to 1247261 - ksu asks for password even if called by root 1256735 - krb5kdc.log file is world-readable on IPA 1283902 - Remove krb5-server dependency on initscripts unless it is needed 1284987 - Please backport fix for interposer 1290239 - Update krb5 spec file with changes made in fedora 1292153 - Rebase krb5 to 1.14.x 1296241 - Chrome crash in spnego_gss_inquire_context() 1297591 - [backport] Fix some uses of installed files in the test suite 1313457 - krb5 selinux patch leaks memory 1314493 - Skip unnecessary mech calls in gss_inquire_cred 1319616 - CVE-2016-3119 krb5: null pointer dereference in kadmin 1340304 - otp module incorrectly overwrites as_key 1349042 - Incorrect length calculation in libkrad 1361050 - CVE-2016-3120 krb5: S4U2Self KDC crash when anon is restricted 1363690 - ssh login permission denied when ldap/krb5 is enabled via authconfig 1364993 - MS-KKDCP with TLS SNI requires HTTP Host header

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2016-2591.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-476 NULL Pointer Dereference

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 78
Os 1
Os 1

Nessus® Vulnerability Scanner

Date Description
2018-11-21 Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1376.nasl - Type : ACT_GATHER_INFO
2018-08-17 Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0021.nasl - Type : ACT_GATHER_INFO
2018-02-01 Name : The remote Debian host is missing a security update.
File : debian_DLA-1265.nasl - Type : ACT_GATHER_INFO
2017-05-01 Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2016-1076.nasl - Type : ACT_GATHER_INFO
2017-02-07 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-793.nasl - Type : ACT_GATHER_INFO
2016-12-15 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161103_krb5_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2016-11-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2591.nasl - Type : ACT_GATHER_INFO
2016-11-11 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2591.nasl - Type : ACT_GATHER_INFO
2016-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2591.nasl - Type : ACT_GATHER_INFO
2016-09-09 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1065.nasl - Type : ACT_GATHER_INFO
2016-09-02 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2136-1.nasl - Type : ACT_GATHER_INFO
2016-09-02 Name : The remote Fedora host is missing a security update.
File : fedora_2016-f405b25923.nasl - Type : ACT_GATHER_INFO
2016-09-02 Name : The remote Fedora host is missing a security update.
File : fedora_2016-4a36663643.nasl - Type : ACT_GATHER_INFO
2016-08-02 Name : The remote Fedora host is missing a security update.
File : fedora_2016-0674a3c372.nasl - Type : ACT_GATHER_INFO
2016-07-22 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_62d452294fa011e69d13206a8a720317.nasl - Type : ACT_GATHER_INFO
2016-04-19 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1088-1.nasl - Type : ACT_GATHER_INFO
2016-04-18 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-474.nasl - Type : ACT_GATHER_INFO
2016-04-13 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0994-1.nasl - Type : ACT_GATHER_INFO
2016-04-07 Name : The remote Fedora host is missing a security update.
File : fedora_2016-ed99cb602e.nasl - Type : ACT_GATHER_INFO
2016-04-05 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-424.nasl - Type : ACT_GATHER_INFO
2016-03-28 Name : The remote Fedora host is missing a security update.
File : fedora_2016-8dbc4ade25.nasl - Type : ACT_GATHER_INFO
2016-03-23 Name : The remote Fedora host is missing a security update.
File : fedora_2016-56840babc3.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2016-11-29 13:23:41
  • Multiple Updates
2016-11-12 13:25:32
  • Multiple Updates
2016-11-05 13:24:39
  • Multiple Updates
2016-11-03 13:22:43
  • First insertion