USN-881-1

Executive Summary

Summary
Title	Kerberos vulnerability

Informations
Name	USN-881-1	First vendor Publication	2010-01-12
Vendor	Ubuntu	Last vendor Modification	2010-01-12
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
libkrb53 1.4.3-5ubuntu0.10

Ubuntu 8.04 LTS:
libkrb53 1.6.dfsg.3~beta1-2ubuntu1.3

Ubuntu 8.10:
libkrb53 1.6.dfsg.4~beta1-3ubuntu0.3

Ubuntu 9.04:
libkrb53 1.6.dfsg.4~beta1-5ubuntu2.2

Ubuntu 9.10:
libk5crypto3 1.7dfsg~beta3-1ubuntu0.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Kerberos did not correctly handle invalid AES
blocks. An unauthenticated remote attacker could send specially crafted
traffic that would crash the KDC service, leading to a denial of service,
or possibly execute arbitrary code with root privileges.

Original Source

Url : http://www.ubuntu.com/usn/USN-881-1

CWE : Common Weakness Enumeration

id	Name
CWE-189	Numeric Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:8192

Oval ID:	oval:org.mitre.oval:def:8192
Title:	Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS)
Description:	Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-4212	Version:	2
Platform(s):	Sun Solaris 10	Product(s):
Definition Synopsis:
Software Section Solaris 10 (SPARC) meets Sun Alert 275530 Solaris 10 (SPARC) is installed AND NOT Patch 141500-06 or later installed OR Solaris 10 (x86) meets Sun Alert 275530 Solaris 10 (x86) is installed AND NOT Patch 141501-07 or later installed AND /etc/krb5/krb5.conf is configured with a kerberos domain

Definition Id: oval:org.mitre.oval:def:7357

Oval ID:	oval:org.mitre.oval:def:7357
Title:	MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities
Description:	Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-4212	Version:	3
Platform(s):	VMWare ESX Server 4	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed AND Patch ESX400-201005406-SG is not installed

Definition Id: oval:org.mitre.oval:def:11272

Oval ID:	oval:org.mitre.oval:def:11272
Title:	Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.
Description:	Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-4212	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section krb5-workstation is earlier than 0:1.2.7-71 AND krb5 is earlier than 0:1.2.7-71 AND krb5-libs is earlier than 0:1.2.7-71 AND krb5-server is earlier than 0:1.2.7-71 AND krb5-devel is earlier than 0:1.2.7-71 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section krb5-workstation is earlier than 0:1.3.4-62.el4_8.1 AND krb5 is earlier than 0:1.3.4-62.el4_8.1 AND krb5-libs is earlier than 0:1.3.4-62.el4_8.1 AND krb5-server is earlier than 0:1.3.4-62.el4_8.1 AND krb5-devel is earlier than 0:1.3.4-62.el4_8.1 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section krb5-workstation is earlier than 0:1.6.1-36.el5_4.1 AND krb5 is earlier than 0:1.6.1-36.el5_4.1 AND krb5-libs is earlier than 0:1.6.1-36.el5_4.1 AND krb5-server is earlier than 0:1.6.1-36.el5_4.1 AND krb5-devel is earlier than 0:1.6.1-36.el5_4.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mit Kerberos cpe:/a:mit:kerberos:5-1.7 cpe:/a:mit:kerberos:5-1.6.3 cpe:/a:mit:kerberos:5-1.6.2 cpe:/a:mit:kerberos:5-1.6.1 cpe:/a:mit:kerberos:5-1.6 cpe:/a:mit:kerberos:5-1.5.3 cpe:/a:mit:kerberos:5-1.5.2 cpe:/a:mit:kerberos:5-1.5.1 cpe:/a:mit:kerberos:5-1.5 cpe:/a:mit:kerberos:5-1.4.4 cpe:/a:mit:kerberos:5-1.4.3 cpe:/a:mit:kerberos:5-1.4.2 cpe:/a:mit:kerberos:5-1.4.1 cpe:/a:mit:kerberos:5-1.4 cpe:/a:mit:kerberos:5-1.3.6 cpe:/a:mit:kerberos:5-1.3.5 cpe:/a:mit:kerberos:5-1.3.4 cpe:/a:mit:kerberos:5-1.3.3 cpe:/a:mit:kerberos:5-1.3.2 cpe:/a:mit:kerberos:5-1.3.1 cpe:/a:mit:kerberos:5-1.3	21

Open Source Vulnerability Database (OSVDB)

id	Description
61795	MIT Kerberos 5 (krb5) Crypto Library AES / RC4 Decryption Functionality Malfo...

Type	Count
Oval ID(s)	3
CPE ID(s)	21
osvdb(s)	1

Related	Severity
CVE-2009-4212	(Critical)

Same Subject	Severity
Login to view 8 more Alert(s)

USN-881-1

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU