SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Kerberos Vendors:   MIT
(Ubuntu Issues Fix) MIT Kerberos Multiple Flaws in kadmind Let Remote Users Obtain Potentially Sensitive Information and Remote Authenticted Users Execute Arbitrary Code
SecurityTracker Alert ID:  1031739
SecurityTracker URL:  http://securitytracker.com/id/1031739
CVE Reference:   CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423   (Links to External Site)
Date:  Feb 11 2015
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): krb5-1.11.x, krb5-1.12.x, and krb5-1.13.x
Description:   Several vulnerabilities were reported in MIT Kerberos. A remote authenticated user can execute arbitrary code on the target system. A remote user can obtain potentially sensitive information.

A remote authenticated user can send specially crafted data to trigger a use-after-free memory error in gss_process_context_token() and execute arbitrary code on the target system [CVE-2014-5352]. Other libgssrpc server applications may be affected.

A remote authenticated user can send specially crafted XDR data to trigger a use-after-free memory error in the kadmind daemon and execute arbitrary code on the target system [CVE-2014-9421]. Other libgssrpc server applications may be affected.

A remote authenticated user that has the key of a specially named principal (e.g., 'kad/root') can impersonate arbitrary users to kadmind [CVE-2014-9422].

libgssrpc applications, including kadmind, output 4-byte or 8-byte portions of uninitialized memory to the network in an unused "handle" field [CVE-2014-9423]. A remote user can obtain this information.

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can obtain potentially sensitive information.

Solution:   Ubuntu has issued a fix.

The Ubuntu advisory is available at:

http://www.ubuntu.com/usn/usn-2498-1

Vendor URL:  web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Ubuntu)
Underlying OS Comments:  10.04 LTS, 12.04 LTS, 14.04 LTS, 14.10

Message History:   This archive entry is a follow-up to the message listed below.
Feb 3 2015 MIT Kerberos Multiple Flaws in kadmind Let Remote Users Obtain Potentially Sensitive Information and Remote Authenticted Users Execute Arbitrary Code



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC