Gentoo Logo

MIT Kerberos 5: Arbitrary remote code execution

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200707-11 / mit-krb5
Release Date July 25, 2007
Latest Revision July 25, 2007: 01
Impact high
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
app-crypt/mit-krb5 < 1.5.2-r3 >= 1.5.2-r3 All supported architectures

Related bugreports: #183338

Synopsis

Multiple vulnerabilities in MIT Kerberos 5 could potentially result in remote code execution with root privileges by unauthenticated users.

2.  Impact Information

Background

MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol.

Description

kadmind is affected by multiple vulnerabilities in the RPC library shipped with MIT Kerberos 5. It fails to properly handle zero-length RPC credentials (CVE-2007-2442) and the RPC library can write past the end of the stack buffer (CVE-2007-2443). Furthermore kadmind fails to do proper bounds checking (CVE-2007-2798).

Impact

A remote unauthenticated attacker could exploit these vulnerabilities to execute arbitrary code with root privileges.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All MIT Kerberos 5 users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.5.2-r3"

4.  References

Print

Page updated July 25, 2007

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.