Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : krb5 vulnerabilities (USN-2498-1)

Ubuntu Security Notice (C) 2015-2016 Canonical, Inc. / NASL script (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related
patches.

Description :

It was discovered that Kerberos incorrectly sent old keys in response
to a -randkey -keepold request. An authenticated remote attacker could
use this issue to forge tickets by leveraging administrative access.
This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu
14.04 LTS. (CVE-2014-5351)

It was discovered that the libgssapi_krb5 library incorrectly
processed security context handles. A remote attacker could use this
issue to cause a denial of service, or possibly execute arbitrary
code. (CVE-2014-5352)

Patrik Kis discovered that Kerberos incorrectly handled LDAP queries
with no results. An authenticated remote attacker could use this issue
to cause the KDC to crash, resulting in a denial of service.
(CVE-2014-5353)

It was discovered that Kerberos incorrectly handled creating database
entries for a keyless principal when using LDAP. An authenticated
remote attacker could use this issue to cause the KDC to crash,
resulting in a denial of service. (CVE-2014-5354)

It was discovered that Kerberos incorrectly handled memory when
processing XDR data. A remote attacker could use this issue to cause
kadmind to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2014-9421)

It was discovered that Kerberos incorrectly handled two-component
server principals. A remote attacker could use this issue to perform
impersonation attacks. (CVE-2014-9422)

It was discovered that the libgssrpc library leaked uninitialized
bytes. A remote attacker could use this issue to possibly obtain
sensitive information. (CVE-2014-9423).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 6.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 81297 ()

Bugtraq ID: 70380
71679
71680
72494
72495
72496
72503

CVE ID: CVE-2014-5351
CVE-2014-5352
CVE-2014-5353
CVE-2014-5354
CVE-2014-9421
CVE-2014-9422
CVE-2014-9423

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now