RHEL 3 : krb5 (RHSA-2004:350)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated krb5 packages that improve client responsiveness and fix
several security issues are now available for Red Hat Enterprise Linux
3.

Kerberos is a networked authentication system that uses a trusted
third party (a KDC) to authenticate clients and servers to each other.

Several double-free bugs were found in the Kerberos 5 KDC and
libraries. A remote attacker could potentially exploit these flaws to
execute arbitrary code. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the names CVE-2004-0642 and
CVE-2004-0643 to these issues.

A double-free bug was also found in the krb524 server (CVE-2004-0772),
however this issue does not affect Red Hat Enterprise Linux 3 Kerberos
packages.

An infinite loop bug was found in the Kerberos 5 ASN.1 decoder
library. A remote attacker may be able to trigger this flaw and cause
a denial of service. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2004-0644 to this issue.

When attempting to contact a KDC, the Kerberos libraries will iterate
through the list of configured servers, attempting to contact each in
turn. If one of the servers becomes unresponsive, the client will time
out and contact the next configured server. When the library attempts
to contact the next KDC, the entire process is repeated. For
applications which must contact a KDC several times, the accumulated
time spent waiting can become significant.

This update modifies the libraries, notes which server for a given
realm last responded to a request, and attempts to contact that server
first before contacting any of the other configured servers.

All users of krb5 should upgrade to these updated packages, which
contain backported security patches to resolve these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-0642.html
https://www.redhat.com/security/data/cve/CVE-2004-0643.html
https://www.redhat.com/security/data/cve/CVE-2004-0644.html
http://web.mit.edu/kerberos/advisories/
http://rhn.redhat.com/errata/RHSA-2004-350.html

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 14595 ()

Bugtraq ID:

CVE ID: CVE-2004-0642
CVE-2004-0643
CVE-2004-0644
CVE-2004-0772