Executive Summary
Summary | |
---|---|
Title | Kerberos vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-1062-1 | First vendor Publication | 2011-02-15 |
Vendor | Ubuntu | Last vendor Modification | 2011-02-15 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: Ubuntu 9.10: Ubuntu 10.04 LTS: Ubuntu 10.10: In general, a standard system update will make all the necessary changes. Details follow: Keiichi Mori discovered that the MIT krb5 KDC database propagation daemon (kpropd) is vulnerable to a denial of service attack due to improper logic when a worker child process exited because of invalid network input. This could only occur when kpropd is running in standalone mode; kpropd was not affected when running in incremental propagation mode ("iprop") or as an inetd server. This issue only affects Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. (CVE-2010-4022) Kevin Longfellow and others discovered that the MIT krb5 Key Distribution Center (KDC) daemon is vulnerable to denial of service attacks when using an LDAP back end due to improper handling of network input. (CVE-2011-0281, CVE-2011-0282) |
Original Source
Url : http://www.ubuntu.com/usn/USN-1062-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-310 | Cryptographic Issues |
50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:19882 | |||
Oval ID: | oval:org.mitre.oval:def:19882 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0281 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20477 | |||
Oval ID: | oval:org.mitre.oval:def:20477 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0282 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20936 | |||
Oval ID: | oval:org.mitre.oval:def:20936 | ||
Title: | RHSA-2011:0200: krb5 security update (Important) | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0200-01 CVE-2010-4022 CVE-2011-0281 CVE-2011-0282 | Version: | 42 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21814 | |||
Oval ID: | oval:org.mitre.oval:def:21814 | ||
Title: | RHSA-2011:0199: krb5 security update (Important) | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0199-01 CESA-2011:0199 CVE-2011-0281 CVE-2011-0282 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22659 | |||
Oval ID: | oval:org.mitre.oval:def:22659 | ||
Title: | ELSA-2011:0200: krb5 security update (Important) | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0200-01 CVE-2010-4022 CVE-2011-0281 CVE-2011-0282 | Version: | 17 |
Platform(s): | Oracle Linux 6 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23219 | |||
Oval ID: | oval:org.mitre.oval:def:23219 | ||
Title: | ELSA-2011:0199: krb5 security update (Important) | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0199-01 CVE-2011-0281 CVE-2011-0282 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28010 | |||
Oval ID: | oval:org.mitre.oval:def:28010 | ||
Title: | DEPRECATED: ELSA-2011-0200 -- krb5 security update (important) | ||
Description: | [1.8.2-3.4] - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend (CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, #671101) [1.8.2-3.3] - pull up crypto changes made between 1.8.2 and 1.8.3 to fix upstream #6751, assumed to already be there for the next fix - incorporate candidate patch to fix various issues from MITKRB5-SA-2010-007 (CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, #651962) [1.8.2-3.2] - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #644825, RT#6775) - fix selection of pkinit client certs when one or more don't include a subjectAltName extension (part of #644825, RT#6774) [1.8.2-3.1] - incorporate candidate patch to fix uninitialized pointer crash in the KDC (CVE-2010-1322, #636336) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0200 CVE-2010-4020 CVE-2010-4022 CVE-2010-1322 CVE-2010-1323 CVE-2010-1324 CVE-2011-0281 CVE-2011-0282 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28149 | |||
Oval ID: | oval:org.mitre.oval:def:28149 | ||
Title: | DEPRECATED: ELSA-2011-0199 -- krb5 security update (important) | ||
Description: | - add upstream patch to fix hang or crash in the KDC when using the LDAP kdb backend (CVE-2011-0281, CVE-2011-0282, #671096) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0199 CVE-2011-0281 CVE-2011-0282 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for krb5-devel CESA-2011:0199 centos5 x86_64 File : nvt/gb_CESA-2011_0199_krb5-devel_centos5_x86_64.nasl |
2012-06-15 | Name : Fedora Update for krb5 FEDORA-2012-8805 File : nvt/gb_fedora_2012_8805_krb5_fc15.nasl |
2012-06-05 | Name : RedHat Update for krb5 RHSA-2011:0200-01 File : nvt/gb_RHSA-2011_0200-01_krb5.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-13 (mit-krb5) File : nvt/glsa_201201_13.nasl |
2012-02-01 | Name : Fedora Update for krb5 FEDORA-2011-16284 File : nvt/gb_fedora_2011_16284_krb5_fc15.nasl |
2011-11-18 | Name : Fedora Update for krb5 FEDORA-2011-14673 File : nvt/gb_fedora_2011_14673_krb5_fc15.nasl |
2011-11-18 | Name : Fedora Update for krb5 FEDORA-2011-14650 File : nvt/gb_fedora_2011_14650_krb5_fc14.nasl |
2011-08-09 | Name : CentOS Update for krb5-devel CESA-2011:0199 centos5 i386 File : nvt/gb_CESA-2011_0199_krb5-devel_centos5_i386.nasl |
2011-05-12 | Name : FreeBSD Ports: krb5 File : nvt/freebsd_krb512.nasl |
2011-05-12 | Name : FreeBSD Ports: krb5 File : nvt/freebsd_krb513.nasl |
2011-05-05 | Name : Fedora Update for krb5 FEDORA-2011-5343 File : nvt/gb_fedora_2011_5343_krb5_fc13.nasl |
2011-05-05 | Name : Fedora Update for krb5 FEDORA-2011-5345 File : nvt/gb_fedora_2011_5345_krb5_fc14.nasl |
2011-03-25 | Name : Fedora Update for krb5 FEDORA-2011-3462 File : nvt/gb_fedora_2011_3462_krb5_fc14.nasl |
2011-03-25 | Name : Fedora Update for krb5 FEDORA-2011-3464 File : nvt/gb_fedora_2011_3464_krb5_fc13.nasl |
2011-02-18 | Name : Fedora Update for krb5 FEDORA-2011-1225 File : nvt/gb_fedora_2011_1225_krb5_fc14.nasl |
2011-02-18 | Name : Fedora Update for krb5 FEDORA-2011-1210 File : nvt/gb_fedora_2011_1210_krb5_fc13.nasl |
2011-02-16 | Name : Ubuntu Update for krb5 vulnerabilities USN-1062-1 File : nvt/gb_ubuntu_USN_1062_1.nasl |
2011-02-11 | Name : RedHat Update for krb5 RHSA-2011:0199-01 File : nvt/gb_RHSA-2011_0199-01_krb5.nasl |
2011-02-11 | Name : Mandriva Update for krb5 MDVSA-2011:024 (krb5) File : nvt/gb_mandriva_MDVSA_2011_024.nasl |
2011-02-11 | Name : Mandriva Update for krb5 MDVSA-2011:025 (krb5) File : nvt/gb_mandriva_MDVSA_2011_025.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70909 | Kerberos KDC LDAP Backend Principal Name Handling DoS Kerberos contains a flaw that may allow a remote denial of service. The issue is triggered when the Key Distribution Center improperly processes certain principal names which causes a NULL pointer dereference error, when an LDAP backend is used, allowing a remote attacker to cause a denial of service via a crafted request. |
70908 | Kerberos KDC LDAP Backend Unparse Implementation DoS Kerberos contains a flaw that may allow a remote denial of service. The issue is triggered when the unparse implementation in the Key Distribution Center improperly processes certain principal names which trigger backslash escape sequences, when an LDAP backend is used, allowing a remote attacker to cause a denial of service via a crafted request. |
70907 | Kerberos kpropd do_standalone() Function Unspecified DoS Kerberos contains a flaw that may allow a remote denial of service. The issue is triggered when the 'do_standalone' function in the KDC database propagation daemon fails to properly handle a worker child process exiting abnormally, allowing a remote attacker to cause a denial of service. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | MIT Kerberos libkdb_ldap principal name handling denial of service attempt RuleID : 26759 - Revision : 6 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2011-0015.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_krb5-110209.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0200.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110208_krb5_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-13.nasl - Type : ACT_GATHER_INFO |
2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_krb5-110209.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4ab413ea66ce11e0bf05d445f3aa24f0.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_64f24a1e66cf11e09debf345f3aa24f0.nasl - Type : ACT_GATHER_INFO |
2011-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1210.nasl - Type : ACT_GATHER_INFO |
2011-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1225.nasl - Type : ACT_GATHER_INFO |
2011-02-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1062-1.nasl - Type : ACT_GATHER_INFO |
2011-02-10 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-110120.nasl - Type : ACT_GATHER_INFO |
2011-02-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-025.nasl - Type : ACT_GATHER_INFO |
2011-02-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-024.nasl - Type : ACT_GATHER_INFO |
2011-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0200.nasl - Type : ACT_GATHER_INFO |
2011-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:58:17 |
|