Detections
Analytics
Debian DSA-2518-1 : krb5 - denial of service and remote code execution
high Nessus Plugin ID 61374
Language:
Synopsis
The remote Debian host is missing a security-related update.Description
Emmanuel Bouillon from NCI Agency discovered multiple vulnerabilities in MIT Kerberos, a daemon implementing the network authentication protocol.- CVE-2012-1014 By sending specially crafted AS-REQ (Authentication Service Request) to a KDC (Key Distribution Center), an attacker could make it free an uninitialized pointer, corrupting the heap. This can lead to process crash or even arbitrary code execution.
This CVE only affects testing (wheezy) and unstable (sid) distributions.
- CVE-2012-1015 By sending specially crafted AS-REQ to a KDC, an attacker could make it dereference an uninitialized pointer, leading to process crash or even arbitrary code execution
In both cases, arbitrary code execution is believed to be difficult to achieve, but might not be impossible.
Solution
Upgrade the krb5 packages.For the stable distribution (squeeze), this problem has been fixed in version 1.8.3+dfsg-4squeeze6.
See Also
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429
https://security-tracker.debian.org/tracker/CVE-2012-1014
https://security-tracker.debian.org/tracker/CVE-2012-1015
Plugin Details
Severity: High
ID: 61374
File Name: debian_DSA-2518.nasl
Version: 1.13
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 8/1/2012
Updated: 1/11/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:debian:debian_linux:6.0, p-cpe:/a:debian:debian_linux:krb5
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Patch Publication Date: 7/31/2012
Reference Information
CVE: CVE-2012-1014, CVE-2012-1015
DSA: 2518