Mandrake Linux Security Advisory : krb5 (MDKSA-2004:088)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A double-free vulnerability exists in the MIT Kerberos 5's KDC program
that could potentially allow a remote attacker to execute arbitrary
code on the KDC host. As well, multiple double-free vulnerabilities
exist in the krb5 library code, which makes client programs and
application servers vulnerable. The MIT Kerberos 5 development team
believes that exploitation of these bugs would be difficult and no
known vulnerabilities are believed to exist. The vulnerability in
krb524d was discovered by Marc Horowitz; the other double-free
vulnerabilities were discovered by Will Fiveash and Nico Williams at
Sun.

Will Fiveash and Nico Williams also found another vulnerability in the
ASN.1 decoder library. This makes krb5 vulnerable to a DoS (Denial of
Service) attack causing an infinite loop in the decoder. The KDC is
vulnerable to this attack.

The MIT Kerberos 5 team has provided patches which have been applied
to the updated software to fix these issues. Mandrakesoft encourages
all users to upgrade immediately.

See also :

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14673 (mandrake_MDKSA-2004-088.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0642
CVE-2004-0643
CVE-2004-0644
CVE-2004-0772

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now