CVE-2009-4212

HIGH

Description

Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.

References

http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html

http://marc.info/?l=bugtraq&m=130497213107107&w=2

http://secunia.com/advisories/38080

http://secunia.com/advisories/38108

http://secunia.com/advisories/38126

http://secunia.com/advisories/38140

http://secunia.com/advisories/38184

http://secunia.com/advisories/38203

http://secunia.com/advisories/38696

http://secunia.com/advisories/40220

http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1

http://support.apple.com/kb/HT4188

http://support.avaya.com/css/P8/documents/100074869

http://ubuntu.com/usn/usn-881-1

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt

http://www.debian.org/security/2010/dsa-1969

http://www.mandriva.com/security/advisories?name=MDVSA-2010:006

http://www.securityfocus.com/bid/37749

http://www.securitytracker.com/id?1023440

http://www.vupen.com/english/advisories/2010/0096

http://www.vupen.com/english/advisories/2010/0129

http://www.vupen.com/english/advisories/2010/1481

https://bugzilla.redhat.com/show_bug.cgi?id=545015

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192

https://rhn.redhat.com/errata/RHSA-2010-0029.html

https://rhn.redhat.com/errata/RHSA-2010-0095.html

Details

Source: MITRE

Published: 2010-01-13

Updated: 2020-01-21

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (24 total)

IDNameProductFamilySeverity
89740VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check)NessusVMware ESX Local Security Checks
critical
79475OracleVM 2.2 : krb5 (OVMSA-2011-0015)NessusOracleVM Local Security Checks
critical
67984Oracle Linux 3 / 4 / 5 : krb5 (ELSA-2010-0029)NessusOracle Linux Local Security Checks
critical
60721Scientific Linux Security Update : krb5 on SL3.x, SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
57655GLSA-201201-13 : MIT Kerberos 5: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
50611VMSA-2010-0016 : VMware ESXi and ESX third-party updates for Service Console and Likewise componentsNessusVMware ESX Local Security Checks
critical
49875SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 6776)NessusSuSE Local Security Checks
critical
47188Fedora 11 : krb5-1.6.3-23.fc11 (2010-0515)NessusFedora Local Security Checks
critical
47187Fedora 12 : krb5-1.7-18.fc12 (2010-0503)NessusFedora Local Security Checks
critical
800793Mac OS X 10.6 < 10.6.4 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5571Mac OS X 10.6 < 10.6.4 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
47024Mac OS X Multiple Vulnerabilities (Security Update 2010-004)NessusMacOS X Local Security Checks
high
47023Mac OS X 10.6.x < 10.6.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
46765VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updatesNessusVMware ESX Local Security Checks
critical
44834Debian DSA-1969-1 : krb5 - integer underflowNessusDebian Local Security Checks
critical
44093SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 6775)NessusSuSE Local Security Checks
critical
44092SuSE 11 Security Update : Kerberos 5 (SAT Patch Number 1796)NessusSuSE Local Security Checks
critical
44090openSUSE Security Update : krb5 (krb5-1792)NessusSuSE Local Security Checks
critical
44088openSUSE Security Update : krb5 (krb5-1795)NessusSuSE Local Security Checks
critical
44086openSUSE Security Update : krb5 (krb5-1795)NessusSuSE Local Security Checks
critical
43881Mandriva Linux Security Advisory : krb5 (MDVSA-2010:006)NessusMandriva Local Security Checks
critical
43874Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : krb5 vulnerability (USN-881-1)NessusUbuntu Local Security Checks
critical
43868RHEL 3 / 4 / 5 : krb5 (RHSA-2010:0029)NessusRed Hat Local Security Checks
critical
43866CentOS 3 / 4 / 5 : krb5 (CESA-2010:0029)NessusCentOS Local Security Checks
critical