Oracle Solaris Third-Party Patch Update : kerberos (multiple_input_validation_vulnerabilities_in)

high Nessus Plugin ID 80650

Synopsis

The remote Solaris system is missing a security patch for third-party software.

Description

The remote Solaris system is missing necessary patches to address security updates :

- The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. NOTE: the Berkeley DB vector is covered by CVE-2011-4151. (CVE-2011-1528)

- The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors. (CVE-2011-1529)

- The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different vulnerability than CVE-2011-1528. (CVE-2011-4151)

Solution

Upgrade to Solaris 11.1.

See Also

http://www.nessus.org/u?4a913f44

http://www.nessus.org/u?103a3cab

Plugin Details

Severity: High

ID: 80650

File Name: solaris11_kerberos_20130702.nasl

Version: 1.3

Type: local

Published: 1/19/2015

Updated: 1/14/2021

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:oracle:solaris:11.1, p-cpe:/a:oracle:solaris:kerberos

Required KB Items: Host/local_checks_enabled, Host/Solaris11/release, Host/Solaris11/pkg-list

Patch Publication Date: 7/2/2013

Reference Information

CVE: CVE-2011-1528, CVE-2011-1529, CVE-2011-4151