Executive Summary
Summary | |
---|---|
Title | krb5 security update |
Information | |||
---|---|---|---|
Name | RHSA-2011:0200 | First vendor Publication | 2011-02-08 |
Vendor | RedHat | Last vendor Modification | 2011-02-08 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Problem Description:

Updated krb5 packages that fix three security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC).

A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed principal names that were not null terminated, when the KDC was configured to use an LDAP back end. A remote attacker could use this flaw to crash the KDC via a specially-crafted request. (CVE-2011-0282)

A denial of service flaw was found in the way the MIT Kerberos KDC processed certain principal names when the KDC was configured to use an LDAP back end. A remote attacker could use this flaw to cause the KDC to hang via a specially-crafted request. (CVE-2011-0281)

A denial of service flaw was found in the way the MIT Kerberos V5 slave KDC update server (kpropd) processed certain update requests for KDC database propagation. A remote attacker could use this flaw to terminate the kpropd daemon via a specially-crafted update request. (CVE-2010-4022)

Red Hat would like to thank the MIT Kerberos Team for reporting the CVE-2011-0282 and CVE-2011-0281 issues. Upstream acknowledges Kevin Longfellow of Oracle Corporation as the original reporter of the CVE-2011-0281 issue.

All krb5 users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the krb5kdc daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

664009 - CVE-2010-4022 krb5: kpropd unexpected termination on invalid input (MITKRB5-SA-2011-001)
668719 - CVE-2011-0281 krb5: KDC hang when using LDAP backend caused by special principal name (MITKRB5-SA-2011-002)
668726 - CVE-2011-0282 krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002)
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-0200.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-310 | Cryptographic Issues |
50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:19882 | |||
Oval ID: | oval:org.mitre.oval:def:19882 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0281 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:20477 | |||
Oval ID: | oval:org.mitre.oval:def:20477 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0282 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:20936 | |||
Oval ID: | oval:org.mitre.oval:def:20936 | ||
Title: | RHSA-2011:0200: krb5 security update (Important) | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0200-01 CVE-2010-4022 CVE-2011-0281 CVE-2011-0282 | Version: | 42 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | krb5 |
Definition Id: oval:org.mitre.oval:def:21814 | |||
Oval ID: | oval:org.mitre.oval:def:21814 | ||
Title: | RHSA-2011:0199: krb5 security update (Important) | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0199-01 CESA-2011:0199 CVE-2011-0281 CVE-2011-0282 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | krb5 |
Definition Id: oval:org.mitre.oval:def:22659 | |||
Oval ID: | oval:org.mitre.oval:def:22659 | ||
Title: | ELSA-2011:0200: krb5 security update (Important) | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0200-01 CVE-2010-4022 CVE-2011-0281 CVE-2011-0282 | Version: | 17 |
Platform(s): | Oracle Linux 6 | Product(s): | krb5 |
Definition Id: oval:org.mitre.oval:def:23219 | |||
Oval ID: | oval:org.mitre.oval:def:23219 | ||
Title: | ELSA-2011:0199: krb5 security update (Important) | ||
Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0199-01 CVE-2011-0281 CVE-2011-0282 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
Definition Id: oval:org.mitre.oval:def:28010 | |||
Oval ID: | oval:org.mitre.oval:def:28010 | ||
Title: | DEPRECATED: ELSA-2011-0200 -- krb5 security update (important) | ||
Description: | [1.8.2-3.4] - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend (CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, #671101) [1.8.2-3.3] - pull up crypto changes made between 1.8.2 and 1.8.3 to fix upstream #6751, assumed to already be there for the next fix - incorporate candidate patch to fix various issues from MITKRB5-SA-2010-007 (CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, #651962) [1.8.2-3.2] - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #644825, RT#6775) - fix selection of pkinit client certs when one or more don't include a subjectAltName extension (part of #644825, RT#6774) [1.8.2-3.1] - incorporate candidate patch to fix uninitialized pointer crash in the KDC (CVE-2010-1322, #636336) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0200 CVE-2010-4020 CVE-2010-4022 CVE-2010-1322 CVE-2010-1323 CVE-2010-1324 CVE-2011-0281 CVE-2011-0282 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | krb5 |
Definition Id: oval:org.mitre.oval:def:28149 | |||
Oval ID: | oval:org.mitre.oval:def:28149 | ||
Title: | DEPRECATED: ELSA-2011-0199 -- krb5 security update (important) | ||
Description: | - add upstream patch to fix hang or crash in the KDC when using the LDAP kdb backend (CVE-2011-0281, CVE-2011-0282, #671096) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0199 CVE-2011-0281 CVE-2011-0282 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for krb5-devel CESA-2011:0199 centos5 x86_64 File : nvt/gb_CESA-2011_0199_krb5-devel_centos5_x86_64.nasl |
2012-06-15 | Name : Fedora Update for krb5 FEDORA-2012-8805 File : nvt/gb_fedora_2012_8805_krb5_fc15.nasl |
2012-06-05 | Name : RedHat Update for krb5 RHSA-2011:0200-01 File : nvt/gb_RHSA-2011_0200-01_krb5.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-13 (mit-krb5) File : nvt/glsa_201201_13.nasl |
2012-02-01 | Name : Fedora Update for krb5 FEDORA-2011-16284 File : nvt/gb_fedora_2011_16284_krb5_fc15.nasl |
2011-11-18 | Name : Fedora Update for krb5 FEDORA-2011-14673 File : nvt/gb_fedora_2011_14673_krb5_fc15.nasl |
2011-11-18 | Name : Fedora Update for krb5 FEDORA-2011-14650 File : nvt/gb_fedora_2011_14650_krb5_fc14.nasl |
2011-08-09 | Name : CentOS Update for krb5-devel CESA-2011:0199 centos5 i386 File : nvt/gb_CESA-2011_0199_krb5-devel_centos5_i386.nasl |
2011-05-12 | Name : FreeBSD Ports: krb5 File : nvt/freebsd_krb512.nasl |
2011-05-12 | Name : FreeBSD Ports: krb5 File : nvt/freebsd_krb513.nasl |
2011-05-05 | Name : Fedora Update for krb5 FEDORA-2011-5343 File : nvt/gb_fedora_2011_5343_krb5_fc13.nasl |
2011-05-05 | Name : Fedora Update for krb5 FEDORA-2011-5345 File : nvt/gb_fedora_2011_5345_krb5_fc14.nasl |
2011-03-25 | Name : Fedora Update for krb5 FEDORA-2011-3462 File : nvt/gb_fedora_2011_3462_krb5_fc14.nasl |
2011-03-25 | Name : Fedora Update for krb5 FEDORA-2011-3464 File : nvt/gb_fedora_2011_3464_krb5_fc13.nasl |
2011-02-18 | Name : Fedora Update for krb5 FEDORA-2011-1225 File : nvt/gb_fedora_2011_1225_krb5_fc14.nasl |
2011-02-18 | Name : Fedora Update for krb5 FEDORA-2011-1210 File : nvt/gb_fedora_2011_1210_krb5_fc13.nasl |
2011-02-16 | Name : Ubuntu Update for krb5 vulnerabilities USN-1062-1 File : nvt/gb_ubuntu_USN_1062_1.nasl |
2011-02-11 | Name : RedHat Update for krb5 RHSA-2011:0199-01 File : nvt/gb_RHSA-2011_0199-01_krb5.nasl |
2011-02-11 | Name : Mandriva Update for krb5 MDVSA-2011:024 (krb5) File : nvt/gb_mandriva_MDVSA_2011_024.nasl |
2011-02-11 | Name : Mandriva Update for krb5 MDVSA-2011:025 (krb5) File : nvt/gb_mandriva_MDVSA_2011_025.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70909 | Kerberos KDC LDAP Backend Principal Name Handling DoS Kerberos contains a flaw that may allow a remote denial of service. The issue is triggered when the Key Distribution Center improperly processes certain principal names which causes a NULL pointer dereference error, when an LDAP backend is used, allowing a remote attacker to cause a denial of service via a crafted request. |
70908 | Kerberos KDC LDAP Backend Unparse Implementation DoS Kerberos contains a flaw that may allow a remote denial of service. The issue is triggered when the unparse implementation in the Key Distribution Center improperly processes certain principal names which trigger backslash escape sequences, when an LDAP backend is used, allowing a remote attacker to cause a denial of service via a crafted request. |
70907 | Kerberos kpropd do_standalone() Function Unspecified DoS Kerberos contains a flaw that may allow a remote denial of service. The issue is triggered when the 'do_standalone' function in the KDC database propagation daemon fails to properly handle a worker child process exiting abnormally, allowing a remote attacker to cause a denial of service. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | MIT Kerberos libkdb_ldap principal name handling denial of service attempt RuleID : 26759 - Revision : 6 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2011-0015.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_krb5-110209.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0200.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110208_krb5_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-13.nasl - Type : ACT_GATHER_INFO |
2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_krb5-110209.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4ab413ea66ce11e0bf05d445f3aa24f0.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_64f24a1e66cf11e09debf345f3aa24f0.nasl - Type : ACT_GATHER_INFO |
2011-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1210.nasl - Type : ACT_GATHER_INFO |
2011-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1225.nasl - Type : ACT_GATHER_INFO |
2011-02-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1062-1.nasl - Type : ACT_GATHER_INFO |
2011-02-10 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-110120.nasl - Type : ACT_GATHER_INFO |
2011-02-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-025.nasl - Type : ACT_GATHER_INFO |
2011-02-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-024.nasl - Type : ACT_GATHER_INFO |
2011-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0200.nasl - Type : ACT_GATHER_INFO |
2011-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:54:19 |
|