Oracle Linux 5 : krb5 (ELSA-2009-0408)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

From Red Hat Security Advisory 2009:0408 :

Updated krb5 packages that fix various security issues are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the
Red Hat Security Response Team.

Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third party, the Key Distribution Center (KDC). The Generic
Security Service Application Program Interface (GSS-API) definition
provides security services to callers (protocols) in a generic
fashion. The Simple and Protected GSS-API Negotiation (SPNEGO)
mechanism is used by GSS-API peers to choose from a common set of
security mechanisms.

An input validation flaw was found in the ASN.1 (Abstract Syntax
Notation One) decoder used by MIT Kerberos. A remote attacker could
use this flaw to crash a network service using the MIT Kerberos
library, such as kadmind or krb5kdc, by causing it to dereference or
free an uninitialized pointer. (CVE-2009-0846)

Multiple input validation flaws were found in the MIT Kerberos GSS-API
library's implementation of the SPNEGO mechanism. A remote attacker
could use these flaws to crash any network service utilizing the MIT
Kerberos GSS-API library to authenticate users or, possibly, leak
portions of the service's memory. (CVE-2009-0844, CVE-2009-0845)

All krb5 users should upgrade to these updated packages, which contain
backported patches to correct these issues. All running services using
the MIT Kerberos libraries must be restarted for the update to take
effect.

See also :

https://oss.oracle.com/pipermail/el-errata/2009-April/000955.html

Solution :

Update the affected krb5 packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 67836 ()

Bugtraq ID:

CVE ID: CVE-2009-0844
CVE-2009-0845
CVE-2009-0846
CVE-2009-0847