Scientific Linux Security Update : krb5 on SL7.x x86_64

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

Security Fix(es) :

- A memory leak flaw was found in the krb5_unparse_name()
function of the MIT Kerberos kadmind service. An
authenticated attacker could repeatedly send specially
crafted requests to the server, which could cause the
server to consume large amounts of memory resources,
ultimately leading to a denial of service due to memory
exhaustion. (CVE-2015-8631)

- An out-of-bounds read flaw was found in the kadmind
service of MIT Kerberos. An authenticated attacker could
send a maliciously crafted message to force kadmind to
read beyond the end of allocated memory, and write the
memory contents to the KDC database if the attacker has
write permission, leading to information disclosure.

- A NULL pointer dereference flaw was found in the
procedure used by the MIT Kerberos kadmind service to
store policies: the kadm5_create_principal_3() and
kadm5_modify_principal() function did not ensure that a
policy was given when KADM5_POLICY was set. An
authenticated attacker with permissions to modify the
database could use this flaw to add or modify a
principal with a policy set to NULL, causing the kadmind
service to crash. (CVE-2015-8630)

See also :

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 90344 ()

Bugtraq ID:

CVE ID: CVE-2015-8629

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now