RHEL 6 : krb5 (RHSA-2010:0925)

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated krb5 packages that fix multiple security issues and one bug
are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third party, the Key Distribution Center (KDC).

Multiple checksum validation flaws were discovered in the MIT Kerberos
implementation. A remote attacker could use these flaws to tamper with
certain Kerberos protocol packets and, possibly, bypass authentication
or authorization mechanisms and escalate their privileges.
(CVE-2010-1323, CVE-2010-1324, CVE-2010-4020)

Red Hat would like to thank the MIT Kerberos Team for reporting these
issues.

This update also fixes the following bug :

* When attempting to perform PKINIT pre-authentication, if the client
had more than one possible candidate certificate the client could fail
to select the certificate and key to use. This usually occurred if
certificate selection was configured to use the value of the keyUsage
extension, or if any of the candidate certificates did not contain a
subjectAltName extension. Consequently, the client attempted to
perform pre-authentication using a different (usually password-based)
mechanism. (BZ#644825)

All krb5 users should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing the
updated packages, the krb5kdc daemon will be restarted automatically.

See also :

https://www.redhat.com/security/data/cve/CVE-2010-1323.html
https://www.redhat.com/security/data/cve/CVE-2010-1324.html
https://www.redhat.com/security/data/cve/CVE-2010-4020.html
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2010-007.txt
http://rhn.redhat.com/errata/RHSA-2010-0925.html

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.4
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 50852 ()

Bugtraq ID: 45116
45117
45118

CVE ID: CVE-2010-1323
CVE-2010-1324
CVE-2010-4020
CVE-2010-4021