SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (UNIX)  >   IBM AIX Vendors:   IBM
(IBM Issues Fix for IBM AIX NAS) MIT Kerberos Multiple Flaws in kadmind Let Remote Users Obtain Potentially Sensitive Information and Remote Authenticted Users Execute Arbitrary Code
SecurityTracker Alert ID:  1032383
SecurityTracker URL:  http://securitytracker.com/id/1032383
CVE Reference:   CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423   (Links to External Site)
Date:  May 22 2015
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.3, 6.1, 7.1
Description:   Several vulnerabilities were reported in MIT Kerberos. A remote authenticated user can execute arbitrary code on the target system. A remote user can obtain potentially sensitive information. IBM AIX NAS is affected.

A remote authenticated user can send specially crafted data to trigger a use-after-free memory error in gss_process_context_token() and execute arbitrary code on the target system [CVE-2014-5352]. Other libgssrpc server applications may be affected.

A remote authenticated user can send specially crafted XDR data to trigger a use-after-free memory error in the kadmind daemon and execute arbitrary code on the target system [CVE-2014-9421]. Other libgssrpc server applications may be affected.

A remote authenticated user that has the key of a specially named principal (e.g., 'kad/root') can impersonate arbitrary users to kadmind [CVE-2014-9422].

libgssrpc applications, including kadmind, output 4-byte or 8-byte portions of uninitialized memory to the network in an unused "handle" field [CVE-2014-9423]. A remote user can obtain this information.

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can obtain potentially sensitive information.

Solution:   IBM has issued an advisory for IBM AIX NAS.

The IBM advisory is available at:

http://aix.software.ibm.com/aix/efixes/security/nas_advisory3.asc

Vendor URL:  web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt (Links to External Site)
Cause:   Access control error

Message History:   This archive entry is a follow-up to the message listed below.
Feb 3 2015 MIT Kerberos Multiple Flaws in kadmind Let Remote Users Obtain Potentially Sensitive Information and Remote Authenticted Users Execute Arbitrary Code



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC