Executive Summary
Summary | |
---|---|
Title | Kerberos vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-924-1 | First vendor Publication | 2010-04-07 |
Vendor | Ubuntu | Last vendor Modification | 2010-04-07 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: Ubuntu 8.10: Ubuntu 9.04: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. (CVE-2010-0629) It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. (Ubuntu 8.10 was not affected.) (CVE-2007-5901, CVE-2007-5971) It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. (Only Ubuntu 8.04 LTS was affected.) (CVE-2007-5902, CVE-2007-5972) |
Original Source
Url : http://www.ubuntu.com/usn/USN-924-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
40 % | CWE-399 | Resource Management Errors |
20 % | CWE-416 | Use After Free |
20 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10296 | |||
Oval ID: | oval:org.mitre.oval:def:10296 | ||
Title: | Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. | ||
Description: | Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5971 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11451 | |||
Oval ID: | oval:org.mitre.oval:def:11451 | ||
Title: | Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. | ||
Description: | Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5901 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20259 | |||
Oval ID: | oval:org.mitre.oval:def:20259 | ||
Title: | DSA-2031-1 krb5 - denial of service | ||
Description: | Sol Jerome discovered that kadmind service in krb5, a system for authenticating users and services on a network, allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2031-1 CVE-2010-0629 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | krb5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22037 | |||
Oval ID: | oval:org.mitre.oval:def:22037 | ||
Title: | RHSA-2010:0343: krb5 security and bug fix update (Important) | ||
Description: | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0343-01 CESA-2010:0343 CVE-2010-0629 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23005 | |||
Oval ID: | oval:org.mitre.oval:def:23005 | ||
Title: | ELSA-2010:0343: krb5 security and bug fix update (Important) | ||
Description: | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0343-01 CVE-2010-0629 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28012 | |||
Oval ID: | oval:org.mitre.oval:def:28012 | ||
Title: | DEPRECATED: ELSA-2010-0343 -- krb5 security and bug fix update (important) | ||
Description: | [1.6.1-36.el5_5.3] - add upstream patch to fix a few use-after-free bugs, including one in kadmind (CVE-2010-0629, #578185) [1.6.1-36.el5_5.2] - pull changes to libkrb5 to properly handle and chase off-path referrals back from 1.7 (#574387) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0343 CVE-2010-0629 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9489 | |||
Oval ID: | oval:org.mitre.oval:def:9489 | ||
Title: | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Description: | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0629 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-13 (mit-krb5) File : nvt/glsa_201201_13.nasl |
2011-08-09 | Name : CentOS Update for krb5-devel CESA-2010:0343 centos5 i386 File : nvt/gb_CESA-2010_0343_krb5-devel_centos5_i386.nasl |
2010-05-28 | Name : Ubuntu Update for krb5 vulnerabilities USN-940-1 File : nvt/gb_ubuntu_USN_940_1.nasl |
2010-05-28 | Name : Fedora Update for krb5 FEDORA-2010-8796 File : nvt/gb_fedora_2010_8796_krb5_fc11.nasl |
2010-04-21 | Name : FreeBSD Ports: krb5 File : nvt/freebsd_krb52.nasl |
2010-04-16 | Name : Mandriva Update for krb5 MDVSA-2010:071 (krb5) File : nvt/gb_mandriva_MDVSA_2010_071.nasl |
2010-04-09 | Name : Ubuntu Update for krb5 vulnerabilities USN-924-1 File : nvt/gb_ubuntu_USN_924_1.nasl |
2010-04-09 | Name : RedHat Update for krb5 RHSA-2010:0343-01 File : nvt/gb_RHSA-2010_0343-01_krb5.nasl |
2010-04-09 | Name : Fedora Update for krb5 FEDORA-2010-6108 File : nvt/gb_fedora_2010_6108_krb5_fc11.nasl |
2010-02-19 | Name : Mandriva Update for eject MDVA-2010:071 (eject) File : nvt/gb_mandriva_MDVA_2010_071.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-04-09 | Name : Mandriva Update for krb5 MDVSA-2008:069 (krb5) File : nvt/gb_mandriva_MDVSA_2008_069.nasl |
2009-04-09 | Name : Mandriva Update for krb5 MDVSA-2008:070 (krb5) File : nvt/gb_mandriva_MDVSA_2008_070.nasl |
2009-03-06 | Name : RedHat Update for krb5 RHSA-2008:0180-01 File : nvt/gb_RHSA-2008_0180-01_krb5.nasl |
2009-03-06 | Name : RedHat Update for krb5 RHSA-2008:0164-01 File : nvt/gb_RHSA-2008_0164-01_krb5.nasl |
2009-02-27 | Name : CentOS Update for krb5-devel CESA-2008:0180 centos4 x86_64 File : nvt/gb_CESA-2008_0180_krb5-devel_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for krb5-devel CESA-2008:0180 centos4 i386 File : nvt/gb_CESA-2008_0180_krb5-devel_centos4_i386.nasl |
2009-02-16 | Name : Fedora Update for krb5 FEDORA-2008-2647 File : nvt/gb_fedora_2008_2647_krb5_fc8.nasl |
2009-02-16 | Name : Fedora Update for krb5 FEDORA-2008-2637 File : nvt/gb_fedora_2008_2637_krb5_fc7.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200803-31 (mit-krb5) File : nvt/glsa_200803_31.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
63569 | Kerberos src/kadmin/server/server_stubs.c init_2_svc() Function API Version N... |
44748 | MIT Kerberos 5 (krb5) lib/rpc/svc_auth_gss.c svcauth_gss_get_principal Functi... |
44747 | MIT Kerberos 5 (krb5) lib/kdb/kdb_default.c krb5_def_store_mkey Function Doub... |
43346 | MIT Kerberos 5 lib/gssapi/mechglue/g_initialize.c gss_indicate_mechs Function... |
43345 | MIT Kerberos 5 (krb5) lib/gssapi/krb5/k5sealv3.c gss_krb5int_make_seal_token_... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2011-0015.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0180.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0343.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0164.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-924-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100406_krb5_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080318_krb5_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-13.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-100401.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-6108.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0343.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-940-1.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0343.nasl - Type : ACT_GATHER_INFO |
2010-04-20 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a30573dc489311dfa5f9001641aeabdf.nasl - Type : ACT_GATHER_INFO |
2010-04-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-071.nasl - Type : ACT_GATHER_INFO |
2010-04-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_krb5-100401.nasl - Type : ACT_GATHER_INFO |
2010-04-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_krb5-100401.nasl - Type : ACT_GATHER_INFO |
2010-04-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2031.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0164.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-070.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-069.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2637.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200803-31.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2647.nasl - Type : ACT_GATHER_INFO |
2008-03-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0180.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0180.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0164.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-01-16 | Name : The remote openSUSE host is missing a security update. File : suse_krb5-4851.nasl - Type : ACT_GATHER_INFO |
2008-01-16 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_krb5-4852.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:06:41 |
|