[USN-2498-1] Kerberos vulnerabilities

Posted on 10 February 2015
Ubuntu Security

============================================================================
Ubuntu Security Notice USN-2498-1
February 10, 2015

krb5 vulnerabilities
============================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in Kerberos.

Software Description:
- krb5: MIT Kerberos Network Authentication Protocol

Details:

It was discovered that Kerberos incorrectly sent old keys in response to a
-randkey -keepold request. An authenticated remote attacker could use this
issue to forge tickets by leveraging administrative access. This issue
only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-5351)

It was discovered that the libgssapi_krb5 library incorrectly processed
security context handles. A remote attacker could use this issue to cause
a denial of service, or possibly execute arbitrary code. (CVE-2014-5352)

Patrik Kis discovered that Kerberos incorrectly handled LDAP queries with
no results. An authenticated remote attacker could use this issue to cause
the KDC to crash, resulting in a denial of service. (CVE-2014-5353)

It was discovered that Kerberos incorrectly handled creating database
entries for a keyless principal when using LDAP. An authenticated remote
attacker could use this issue to cause the KDC to crash, resulting in a
denial of service. (CVE-2014-5354)

It was discovered that Kerberos incorrectly handled memory when processing
XDR data. A remote attacker could use this issue to cause kadmind to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2014-9421)

It was discovered that Kerberos incorrectly handled two-component server
principals. A remote attacker could use this issue to perform impersonation
attacks. (CVE-2014-9422)

It was discovered that the libgssrpc library leaked uninitialized bytes. A
remote attacker could use this issue to possibly obtain sensitive
information. (CVE-2014-9423)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.10:
krb5-admin-server 1.12.1+dfsg-10ubuntu0.1
krb5-kdc 1.12.1+dfsg-10ubuntu0.1
krb5-kdc-ldap 1.12.1+dfsg-10ubuntu0.1
krb5-otp 1.12.1+dfsg-10ubuntu0.1
krb5-pkinit 1.12.1+dfsg-10ubuntu0.1
krb5-user 1.12.1+dfsg-10ubuntu0.1
libgssapi-krb5-2 1.12.1+dfsg-10ubuntu0.1
libgssrpc4 1.12.1+dfsg-10ubuntu0.1
libk5crypto3 1.12.1+dfsg-10ubuntu0.1
libkadm5clnt-mit9 1.12.1+dfsg-10ubuntu0.1
libkadm5srv-mit9 1.12.1+dfsg-10ubuntu0.1
libkdb5-7 1.12.1+dfsg-10ubuntu0.1
libkrad0 1.12.1+dfsg-10ubuntu0.1
libkrb5-3 1.12.1+dfsg-10ubuntu0.1
libkrb5support0 1.12.1+dfsg-10ubuntu0.1

Ubuntu 14.04 LTS:
krb5-admin-server 1.12+dfsg-2ubuntu5.1
krb5-kdc 1.12+dfsg-2ubuntu5.1
krb5-kdc-ldap 1.12+dfsg-2ubuntu5.1
krb5-otp 1.12+dfsg-2ubuntu5.1
krb5-pkinit 1.12+dfsg-2ubuntu5.1
krb5-user 1.12+dfsg-2ubuntu5.1
libgssapi-krb5-2 1.12+dfsg-2ubuntu5.1
libgssrpc4 1.12+dfsg-2ubuntu5.1
libk5crypto3 1.12+dfsg-2ubuntu5.1
libkadm5clnt-mit9 1.12+dfsg-2ubuntu5.1
libkadm5srv-mit8 1.12+dfsg-2ubuntu5.1
libkadm5srv-mit9 1.12+dfsg-2ubuntu5.1
libkdb5-7 1.12+dfsg-2ubuntu5.1
libkrad0 1.12+dfsg-2ubuntu5.1
libkrb5-3 1.12+dfsg-2ubuntu5.1
libkrb5support0 1.12+dfsg-2ubuntu5.1

Ubuntu 12.04 LTS:
krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.6
krb5-kdc 1.10+dfsg~beta1-2ubuntu0.6
krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.6
krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.6
krb5-user 1.10+dfsg~beta1-2ubuntu0.6
libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.6
libgssrpc4 1.10+dfsg~beta1-2ubuntu0.6
libk5crypto3 1.10+dfsg~beta1-2ubuntu0.6
libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.6
libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.6
libkdb5-6 1.10+dfsg~beta1-2ubuntu0.6
libkrb5-3 1.10+dfsg~beta1-2ubuntu0.6
libkrb53 1.10+dfsg~beta1-2ubuntu0.6
libkrb5support0 1.10+dfsg~beta1-2ubuntu0.6

Ubuntu 10.04 LTS:
krb5-admin-server 1.8.1+dfsg-2ubuntu0.14
krb5-kdc 1.8.1+dfsg-2ubuntu0.14
krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.14
krb5-pkinit 1.8.1+dfsg-2ubuntu0.14
krb5-user 1.8.1+dfsg-2ubuntu0.14
libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.14
libgssrpc4 1.8.1+dfsg-2ubuntu0.14
libk5crypto3 1.8.1+dfsg-2ubuntu0.14
libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.14
libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.14
libkdb5-4 1.8.1+dfsg-2ubuntu0.14
libkrb5-3 1.8.1+dfsg-2ubuntu0.14
libkrb5support0 1.8.1+dfsg-2ubuntu0.14

In general, a standard system update will make all the necessary changes.
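
Added example (not part of the Ubuntu advisory): a check that the krb5
packages on a host have reached the fixed versions listed above. The
function names and the sample dpkg-query output are constructed for
illustration, and the comparison is a re-implementation of Debian version
ordering; on a real host, dpkg --compare-versions gives the same answer.

```python
import re
from itertools import zip_longest

# Fixed versions per release, taken from the advisory's package lists.
FIXED = {
    "14.10": "1.12.1+dfsg-10ubuntu0.1",
    "14.04": "1.12+dfsg-2ubuntu5.1",
    "12.04": "1.10+dfsg~beta1-2ubuntu0.6",
    "10.04": "1.8.1+dfsg-2ubuntu0.14",
}
_TOKENS = re.compile(r"(\D*)(\d*)")  # alternating non-digit / digit runs

def _order(ch):
    # Debian ordering: '~' < end of part < letters < other characters
    if ch in ("", "~"):
        return -1 if ch else 0
    return ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_part(a, b):
    pairs = zip_longest(_TOKENS.findall(a), _TOKENS.findall(b), fillvalue=("", ""))
    for (na, da), (nb, db) in pairs:
        for ca, cb in zip_longest(na, nb, fillvalue=""):
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
        if int(da or 0) != int(db or 0):  # digit runs compare numerically
            return -1 if int(da or 0) < int(db or 0) else 1
    return 0

def _split(v):
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def deb_compare(a, b):
    """Return -1, 0 or 1 as version a is older than, equal to or newer than b."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def unpatched(release, dpkg_lines):
    """Return packages whose installed version is older than the fix."""
    rows = (line.split() for line in dpkg_lines.splitlines() if line.strip())
    return [pkg for pkg, ver in rows if deb_compare(ver, FIXED[release]) < 0]

# Constructed sample, shaped like: dpkg-query -W -f='${Package} ${Version}\n'
SAMPLE_1004 = "krb5-kdc 1.8.1+dfsg-2ubuntu0.9\nlibkrb5-3 1.8.1+dfsg-2ubuntu0.14\n"
print(unpatched("10.04", SAMPLE_1004))
```

A plain string comparison would rank ubuntu0.9 above ubuntu0.14 and would
mishandle the "~beta1" in the 12.04 version, which is why the check uses
Debian ordering.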


References:
http://www.ubuntu.com/usn/usn-2498-1
CVE-2014-5351, CVE-2014-5352, CVE-2014-5353, CVE-2014-5354,
CVE-2014-9421, CVE-2014-9422, CVE-2014-9423

Package Information:
https://launchpad.net/ubuntu/+source/krb5/1.12.1+dfsg-10ubuntu0.1
https://launchpad.net/ubuntu/+source/krb5/1.12+dfsg-2ubuntu5.1
https://launchpad.net/ubuntu/+source/krb5/1.10+dfsg~beta1-2ubuntu0.6
https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.14

 
