CVE-2014-5355

MEDIUM

Description

MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c.

References

http://krbdev.mit.edu/rt/Ticket/Display.html?id=8050

http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html

http://rhn.redhat.com/errata/RHSA-2015-0794.html

http://www.mandriva.com/security/advisories?name=MDVSA-2015:069

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://www.securityfocus.com/bid/74042

http://www.ubuntu.com/usn/USN-2810-1

https://github.com/krb5/krb5/commit/102bb6ebf20f9174130c85c3b052ae104e5073ec

https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html

Details

Source: MITRE

Published: 2015-02-20

Updated: 2020-01-21

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
106536Debian DLA-1265-1 : krb5 security updateNessusDebian Local Security Checks
medium
90138OracleVM 3.3 / 3.4 : krb5 (OVMSA-2016-0039)NessusOracleVM Local Security Checks
medium
87560Scientific Linux Security Update : krb5 on SL7.x x86_64 (20151119)NessusScientific Linux Local Security Checks
medium
87350Amazon Linux AMI : krb5 (ALAS-2015-624)NessusAmazon Linux Local Security Checks
medium
87136CentOS 7 : krb5 (CESA-2015:2154)NessusCentOS Local Security Checks
medium
87026Oracle Linux 7 : krb5 (ELSA-2015-2154)NessusOracle Linux Local Security Checks
medium
86933RHEL 7 : krb5 (RHSA-2015:2154)NessusRed Hat Local Security Checks
medium
86872Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : krb5 vulnerabilities (USN-2810-1)NessusUbuntu Local Security Checks
high
84979SUSE SLED11 / SLES11 Security Update : krb5 (SUSE-SU-2015:1282-1)NessusSuSE Local Security Checks
medium
84914SUSE SLES12 Security Update : krb5 (SUSE-SU-2015:1276-1)NessusSuSE Local Security Checks
medium
83874AIX NAS Advisory : nas_advisory3.ascNessusAIX Local Security Checks
high
83269Amazon Linux AMI : krb5 (ALAS-2015-518)NessusAmazon Linux Local Security Checks
high
82694Scientific Linux Security Update : krb5 on SL6.x i386/x86_64 (20150409)NessusScientific Linux Local Security Checks
high
82692OracleVM 3.3 : krb5 (OVMSA-2015-0054)NessusOracleVM Local Security Checks
high
82689Oracle Linux 6 : krb5 (ELSA-2015-0794)NessusOracle Linux Local Security Checks
high
82667CentOS 6 : krb5 (CESA-2015:0794)NessusCentOS Local Security Checks
high
82656RHEL 6 : krb5 (RHSA-2015:0794)NessusRed Hat Local Security Checks
high
82322Mandriva Linux Security Advisory : krb5 (MDVSA-2015:069)NessusMandriva Local Security Checks
high
81965openSUSE Security Update : krb5 (openSUSE-2015-246)NessusSuSE Local Security Checks
medium