SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Kerberos Vendors:   Royal Institute of Technology
(OpenBSD Issues Fix) Heimdal Kerberos Cross-Realm Validation Flaw May Permit User Impersonation
SecurityTracker Alert ID:  1010349
SecurityTracker URL:  http://securitytracker.com/id/1010349
CVE Reference:   CVE-2004-0371   (Links to External Site)
Date:  May 31 2004
Impact:   Host/resource access via network, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A cross-realm vulnerability was reported in Heimdal Kerberos. A remote user can impersonate another user.

The vendor reported that a user with with control of a Kerberos realm can impersonate any target user in the cross-realm trust path. The software does not properly perform consistency checks on cross-realm requests.

The advisory is available at:

http://www.pdc.kth.se/heimdal/advisory/2004-04-01/

Impact:   A user with with control of a Kerberos realm can impersonate any target user in the cross-realm trust path.
Solution:   OpenBSD has issued the following patches:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/022_kerberos.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch

Vendor URL:  www.pdc.kth.se/heimdal/ (Links to External Site)
Cause:   Authentication error
Underlying OS:  UNIX (OpenBSD)
Underlying OS Comments:  3.4, 3.5

Message History:   This archive entry is a follow-up to the message listed below.
Apr 2 2004 Heimdal Kerberos Cross-Realm Validation Flaw May Permit User Impersonation



 Source Message Contents

Subject:  Kerberos OpenBSD fix


022: SECURITY FIX: May 30, 2004
A flaw in the Kerberos V kdc(8) server could result in the administrator of a Kerberos 
realm having the ability to impersonate any principal in any other realm which has 
established a cross-realm trust with their realm. The flaw is due to inadequate checking 
of the "transited" field in a Kerberos request. For more details see Heimdal's announcement.

http://www.pdc.kth.se/heimdal/advisory/2004-04-01/

A source code patch exists which remedies this problem.

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/022_kerberos.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC