Rapid7 Vulnerability & Exploit Database

CESA-2008:0164: krb5 security and bugfix update

Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 03/18/2008
Created: 07/25/2018
Added: 03/12/2010
Modified: 07/04/2017

Description

Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC.

A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)

This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding "v4_mode=none" (without the quotes) to the "[kdcdefaults]" section of /var/kerberos/krb5kdc/kdc.conf.

Jeff Altman of Secure Endpoints discovered a flaw in the RPC library as used by MIT Kerberos kadmind server. An unauthenticated remote attacker could use this flaw to crash kadmind or possibly execute arbitrary code. This issue only affected systems with certain resource limits configured and did not affect systems using default resource limits used by Red Hat Enterprise Linux 5. (CVE-2008-0947)

Red Hat would like to thank MIT for reporting these issues.

Multiple memory management flaws were discovered in the GSSAPI library used by MIT Kerberos. These flaws could possibly result in use of already freed memory or an attempt to free already freed memory blocks (double-free flaw), possibly causing a crash or arbitrary code execution. (CVE-2007-5901, CVE-2007-5971)

In addition to the security issues resolved above, the following bugs were also fixed:

All krb5 users are advised to upgrade to these updated packages, which contain backported fixes to address these vulnerabilities and fix these bugs.
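A check for the "v4_mode=none" mitigation described above, as an added example that is not part of the original advisory: it parses kdc.conf text and reports whether v4_mode is set to none directly under [kdcdefaults]. The sample configurations are constructed, and treating an unset or conflicting value as "not disabled" is an assumption made here to err on the safe side.

```python
import sys

# Constructed sample kdc.conf contents (not taken from a real host). The commented-out
# and realm-level v4_mode lines exist only to exercise the parser's scoping.
SAMPLE_DEFAULT = """\
[kdcdefaults]
 acl_file = /var/kerberos/krb5kdc/kadm5.acl
 # v4_mode = none
[realms]
 EXAMPLE.COM = {
  v4_mode = none
 }
"""
SAMPLE_HARDENED = SAMPLE_DEFAULT.replace("[kdcdefaults]\n", "[kdcdefaults]\n v4_mode=none\n", 1)


def v4_mode_values(conf_text):
    """Return every v4_mode value set directly under [kdcdefaults]."""
    section, depth, values = None, 0, []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        if depth == 0 and line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()     # new top-level section
            continue
        if line.endswith("{"):               # entering a nested block
            depth += 1
            continue
        if line.startswith("}"):             # leaving a nested block
            depth = max(depth - 1, 0)
            continue
        key, sep, val = line.partition("=")
        if sep and section == "kdcdefaults" and depth == 0 and key.strip() == "v4_mode":
            values.append(val.strip())
    return values


def v4_disabled(conf_text):
    """True only if v4_mode is present and every occurrence is exactly 'none'."""
    values = v4_mode_values(conf_text)
    return bool(values) and all(v == "none" for v in values)


if __name__ == "__main__":
    # Path as given in the advisory; pass another path as argv[1] if needed.
    path = sys.argv[1] if len(sys.argv) > 1 else "/var/kerberos/krb5kdc/kdc.conf"
    with open(path) as fh:
        ok = v4_disabled(fh.read())
    print("Kerberos v4 compatibility disabled" if ok else "v4_mode=none not set in [kdcdefaults]")
    sys.exit(0 if ok else 1)
```

The script exits non-zero when the mitigation is absent, so it can be used as a compliance check on hosts that cannot be upgraded immediately.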

Solution(s)

  • centos-upgrade-krb5-devel
  • centos-upgrade-krb5-libs
  • centos-upgrade-krb5-server
  • centos-upgrade-krb5-workstation
