CVE-2009-4212

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.

References

http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html

http://marc.info/?l=bugtraq&m=130497213107107&w=2

http://secunia.com/advisories/38080

http://secunia.com/advisories/38108

http://secunia.com/advisories/38126

http://secunia.com/advisories/38140

http://secunia.com/advisories/38184

http://secunia.com/advisories/38203

http://secunia.com/advisories/38696

http://secunia.com/advisories/40220

http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1

http://support.apple.com/kb/HT4188

http://support.avaya.com/css/P8/documents/100074869

http://ubuntu.com/usn/usn-881-1

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt

http://www.debian.org/security/2010/dsa-1969

http://www.mandriva.com/security/advisories?name=MDVSA-2010:006

http://www.securityfocus.com/bid/37749

http://www.securitytracker.com/id?1023440

http://www.vupen.com/english/advisories/2010/0096

http://www.vupen.com/english/advisories/2010/0129

http://www.vupen.com/english/advisories/2010/1481

https://bugzilla.redhat.com/show_bug.cgi?id=545015

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192

https://rhn.redhat.com/errata/RHSA-2010-0029.html

https://rhn.redhat.com/errata/RHSA-2010-0095.html

Details

Source: MITRE

Published: 2010-01-13

Updated: 2020-01-21

Type: CWE-189

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (24 total)

IDNameProductFamilySeverity
89740VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check)NessusVMware ESX Local Security Checks
critical
79475OracleVM 2.2 : krb5 (OVMSA-2011-0015)NessusOracleVM Local Security Checks
low
67984Oracle Linux 3 / 4 / 5 : krb5 (ELSA-2010-0029)NessusOracle Linux Local Security Checks
critical
60721Scientific Linux Security Update : krb5 on SL3.x, SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
57655GLSA-201201-13 : MIT Kerberos 5: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
50611VMSA-2010-0016 : VMware ESXi and ESX third-party updates for Service Console and Likewise componentsNessusVMware ESX Local Security Checks
critical
49875SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 6776)NessusSuSE Local Security Checks
critical
47188Fedora 11 : krb5-1.6.3-23.fc11 (2010-0515)NessusFedora Local Security Checks
critical
47187Fedora 12 : krb5-1.7-18.fc12 (2010-0503)NessusFedora Local Security Checks
critical
800793Mac OS X 10.6 < 10.6.4 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5571Mac OS X 10.6 < 10.6.4 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
47024Mac OS X Multiple Vulnerabilities (Security Update 2010-004)NessusMacOS X Local Security Checks
high
47023Mac OS X 10.6.x < 10.6.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
46765VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updatesNessusVMware ESX Local Security Checks
high
44834Debian DSA-1969-1 : krb5 - integer underflowNessusDebian Local Security Checks
critical
44093SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 6775)NessusSuSE Local Security Checks
critical
44092SuSE 11 Security Update : Kerberos 5 (SAT Patch Number 1796)NessusSuSE Local Security Checks
critical
44090openSUSE Security Update : krb5 (krb5-1792)NessusSuSE Local Security Checks
critical
44088openSUSE Security Update : krb5 (krb5-1795)NessusSuSE Local Security Checks
critical
44086openSUSE Security Update : krb5 (krb5-1795)NessusSuSE Local Security Checks
critical
43881Mandriva Linux Security Advisory : krb5 (MDVSA-2010:006)NessusMandriva Local Security Checks
critical
43874Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : krb5 vulnerability (USN-881-1)NessusUbuntu Local Security Checks
critical
43868RHEL 3 / 4 / 5 : krb5 (RHSA-2010:0029)NessusRed Hat Local Security Checks
critical
43866CentOS 3 / 4 / 5 : krb5 (CESA-2010:0029)NessusCentOS Local Security Checks
critical