CVE-2002-2443
CVSS5.0
发布时间 :2013-05-29 10:29:06
修订时间 :2016-12-06 21:59:03
NMOPS    

[原文]schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.


[CNNVD]CNNVD数据暂缺。


[机译]schpw.c在kadmind的MIT Kerberos 5中(又名krb5的)和kpasswd服务1.11.3之前没有正确通过发送伪造的反应,这允许远程攻击者造成拒绝服务(CPU和带宽消耗)之前,可以先验证UDP数据包

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-20 [输入验证不恰当]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:21141RHSA-2013:0942: krb5 security update (Moderate)
oval:org.mitre.oval:def:23920ELSA-2013:0942: krb5 security update (Moderate)
oval:org.mitre.oval:def:23478ELSA-2013:0942: krb5 security update (Moderate)
oval:org.mitre.oval:def:27603DEPRECATED: ELSA-2013-0942 -- krb5 security update (moderate)
oval:org.mitre.oval:def:25824SUSE-SU-2013:1190-1 -- Security update for krb5
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-2443
(官方数据源) NVD

- 其它链接及资源

http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
(UNKNOWN)  CONFIRM  http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html
(UNKNOWN)  FEDORA  FEDORA-2013-8212
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html
(UNKNOWN)  FEDORA  FEDORA-2013-8219
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html
(UNKNOWN)  FEDORA  FEDORA-2013-8113
http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html
(UNKNOWN)  SUSE  openSUSE-SU-2013:1119
http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html
(UNKNOWN)  SUSE  openSUSE-SU-2013:1122
http://rhn.redhat.com/errata/RHSA-2013-0942.html
(UNKNOWN)  REDHAT  RHSA-2013:0942
http://www.debian.org/security/2013/dsa-2701
(UNKNOWN)  DEBIAN  DSA-2701
http://www.mandriva.com/security/advisories?name=MDVSA-2013:166
(UNKNOWN)  MANDRIVA  MDVSA-2013:166
http://www.ubuntu.com/usn/USN-2810-1
(UNKNOWN)  UBUNTU  USN-2810-1
https://bugzilla.redhat.com/show_bug.cgi?id=962531
(UNKNOWN)  CONFIRM  https://bugzilla.redhat.com/show_bug.cgi?id=962531
https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c
(UNKNOWN)  CONFIRM  https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c

- 漏洞信息 (F121693)

Mandriva Linux Security Advisory 2013-166 (PacketStormID:F121693)
2013-05-21 00:00:00
Mandriva  mandriva.com
advisory,udp
linux,mandriva
CVE-2002-2443
[点击下载]

Mandriva Linux Security Advisory 2013-166 - The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack. The updated packages have been patched to correct this issue.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2013:166
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : krb5
 Date    : May 21, 2013
 Affected: Business Server 1.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been discovered and corrected in krb5:
 
 The kpasswd service provided by kadmind was vulnerable to a UDP
 ping-pong attack (CVE-2002-2443).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443
 https://bugzilla.redhat.com/show_bug.cgi?id=962531
 _______________________________________________________________________

 Updated Packages:

 Mandriva Enterprise Server 5:
 762c01ff4ce813cd3c5acce794c29aa3  mes5/i586/krb5-1.8.1-0.11mdvmes5.2.i586.rpm
 415beef49e20f8b89c84b0270afbf1d6  mes5/i586/krb5-pkinit-openssl-1.8.1-0.11mdvmes5.2.i586.rpm
 a6bd6778ab49710b1a50633555b0dc27  mes5/i586/krb5-server-1.8.1-0.11mdvmes5.2.i586.rpm
 497cfca620c25dd7ce523a61afdccc5e  mes5/i586/krb5-server-ldap-1.8.1-0.11mdvmes5.2.i586.rpm
 2fe4670b52795e8c74f53e7eee826c2c  mes5/i586/krb5-workstation-1.8.1-0.11mdvmes5.2.i586.rpm
 22926f634ea6ba5f816c14a2e30cc38a  mes5/i586/libkrb53-1.8.1-0.11mdvmes5.2.i586.rpm
 477f8f61cd9c8e577cd6797e850978ce  mes5/i586/libkrb53-devel-1.8.1-0.11mdvmes5.2.i586.rpm 
 77c66246600b71f6471f75054e886cd4  mes5/SRPMS/krb5-1.8.1-0.11mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 1cab52ff4c719378b97ec3acbc7d911f  mes5/x86_64/krb5-1.8.1-0.11mdvmes5.2.x86_64.rpm
 b5d51d32e5eaa96ab973e5ce151a5254  mes5/x86_64/krb5-pkinit-openssl-1.8.1-0.11mdvmes5.2.x86_64.rpm
 6218fc79250aaec5c7ca19b193fdb8dc  mes5/x86_64/krb5-server-1.8.1-0.11mdvmes5.2.x86_64.rpm
 88de99aa8cde8adaee672c265292a355  mes5/x86_64/krb5-server-ldap-1.8.1-0.11mdvmes5.2.x86_64.rpm
 39791a90573b4de08efdaf0193bbc5dc  mes5/x86_64/krb5-workstation-1.8.1-0.11mdvmes5.2.x86_64.rpm
 846b75578bb5559cfcf7aa2ce9e43156  mes5/x86_64/lib64krb53-1.8.1-0.11mdvmes5.2.x86_64.rpm
 7351a8d2be13df25ab9c2534489a2da0  mes5/x86_64/lib64krb53-devel-1.8.1-0.11mdvmes5.2.x86_64.rpm 
 77c66246600b71f6471f75054e886cd4  mes5/SRPMS/krb5-1.8.1-0.11mdvmes5.2.src.rpm

 Mandriva Business Server 1/X86_64:
 3150d604a21be2373d223457da156734  mbs1/x86_64/krb5-1.9.2-3.3.mbs1.x86_64.rpm
 52729f0759e686cfdf5f9c99efc28862  mbs1/x86_64/krb5-pkinit-openssl-1.9.2-3.3.mbs1.x86_64.rpm
 4b997282ad6dd76eb7a10f07809bef71  mbs1/x86_64/krb5-server-1.9.2-3.3.mbs1.x86_64.rpm
 b10b3c0211e071ab93e818db684098f9  mbs1/x86_64/krb5-server-ldap-1.9.2-3.3.mbs1.x86_64.rpm
 417d23306554b1d7d290e8d3fed1a2d8  mbs1/x86_64/krb5-workstation-1.9.2-3.3.mbs1.x86_64.rpm
 a17c8e2438c0415c9ea478bcc0715101  mbs1/x86_64/lib64krb53-1.9.2-3.3.mbs1.x86_64.rpm
 2d05c4ac4b44be10ea1e3d4337689512  mbs1/x86_64/lib64krb53-devel-1.9.2-3.3.mbs1.x86_64.rpm 
 95305e2323d63546e970538b7d692447  mbs1/SRPMS/krb5-1.9.2-3.3.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRm3ZlmqjQ0CJFipgRAmRWAJ42vFSB5f9jXtt3hRarBQpqxARd/ACfa9qv
esFWMrXe/0P1/wv2ag87c6w=
=Lg3K
-----END PGP SIGNATURE-----


    

- 漏洞信息 (F121850)

Debian Security Advisory 2701-1 (PacketStormID:F121850)
2013-06-02 00:00:00
Debian  debian.org
advisory,denial of service,udp
linux,debian
CVE-2002-2443
[点击下载]

Debian Linux Security Advisory 2701-1 - It was discovered that the kpasswd service running on UDP port 464 could respond to response packets, creating a packet loop and a denial of service condition.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2701-1                   security@debian.org
http://www.debian.org/security/                           Michael Gilbert
May 29, 2013                           http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : krb5
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2002-2443
Debian Bug     : 708267

It was discovered that the kpasswd service running on UDP port 464
could respond to response packets, creating a packet loop and a denial
of service condition.

For the oldstable distribution (squeeze), this problem has been fixed in
version 1.8.3+dfsg-4squeeze7.

For the stable distribution (wheezy), this problem has been fixed in
version 1.10.1+dfsg-5+deb7u1.

For the testing distribution (jessie), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 1.10.1+dfsg-6.

We recommend that you upgrade your krb5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJRq7cMAAoJEL97/wQC1SS+XokH/32tha0CmciAxPGHrbMg2sdq
sETbeDWKmClD9FLBBh4q6F69L6rA2mvBpuB01bL56UTvBHMOqHzIfyKYyhSDJ8N9
iU4FYQe3y2YHDyYhtMmckvsfPZeqQuxbBr9+zrEwZmi3zGzyTRMNeyfNpVdUo5SQ
YpNcw3ycia3wIsuVrdp74TSUowAgojvvCVxU9F6JuiXc7SNbu7/PiPXt3d4Y9agq
S/7D2IgLotNAclGP+Qwrvu4OEoZrGZ6wKMA5Elzh/YSW+LWQNTKRWAZu5S7KIkOb
4+4sNfaDoRaVmo6cY+VoQcDxxwabkyQVhtk9NZdwqhIm/wZAdw9pIb+UgH5b47s=
=uI9w
-----END PGP SIGNATURE-----


    

- 漏洞信息 (F121988)

Red Hat Security Advisory 2013-0942-01 (PacketStormID:F121988)
2013-06-12 00:00:00
Red Hat  
advisory,remote,spoof
linux,redhat
CVE-2002-2443
[点击下载]

Red Hat Security Advisory 2013-0942-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the services to keep replying packets to each other, consuming network bandwidth and CPU.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: krb5 security update
Advisory ID:       RHSA-2013:0942-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0942.html
Issue date:        2013-06-12
CVE Names:         CVE-2002-2443 
=====================================================================

1. Summary:

Updated krb5 packages that fix one security issue are now available for
Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third-party, the Key Distribution Center (KDC).

It was found that kadmind's kpasswd service did not perform any validation
on incoming network packets, causing it to reply to all requests. A remote
attacker could use this flaw to send spoofed packets to a kpasswd
service that appear to come from kadmind on a different server, causing the
services to keep replying packets to each other, consuming network
bandwidth and CPU. (CVE-2002-2443)

All krb5 users should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing the updated
packages, the krb5kdc and kadmind daemons will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

962531 - CVE-2002-2443 krb5: UDP ping-pong flaw in kpasswd

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/krb5-1.6.1-70.el5_9.2.src.rpm

i386:
krb5-debuginfo-1.6.1-70.el5_9.2.i386.rpm
krb5-libs-1.6.1-70.el5_9.2.i386.rpm
krb5-workstation-1.6.1-70.el5_9.2.i386.rpm

x86_64:
krb5-debuginfo-1.6.1-70.el5_9.2.i386.rpm
krb5-debuginfo-1.6.1-70.el5_9.2.x86_64.rpm
krb5-libs-1.6.1-70.el5_9.2.i386.rpm
krb5-libs-1.6.1-70.el5_9.2.x86_64.rpm
krb5-workstation-1.6.1-70.el5_9.2.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/krb5-1.6.1-70.el5_9.2.src.rpm

i386:
krb5-debuginfo-1.6.1-70.el5_9.2.i386.rpm
krb5-devel-1.6.1-70.el5_9.2.i386.rpm
krb5-server-1.6.1-70.el5_9.2.i386.rpm
krb5-server-ldap-1.6.1-70.el5_9.2.i386.rpm

x86_64:
krb5-debuginfo-1.6.1-70.el5_9.2.i386.rpm
krb5-debuginfo-1.6.1-70.el5_9.2.x86_64.rpm
krb5-devel-1.6.1-70.el5_9.2.i386.rpm
krb5-devel-1.6.1-70.el5_9.2.x86_64.rpm
krb5-server-1.6.1-70.el5_9.2.x86_64.rpm
krb5-server-ldap-1.6.1-70.el5_9.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/krb5-1.6.1-70.el5_9.2.src.rpm

i386:
krb5-debuginfo-1.6.1-70.el5_9.2.i386.rpm
krb5-devel-1.6.1-70.el5_9.2.i386.rpm
krb5-libs-1.6.1-70.el5_9.2.i386.rpm
krb5-server-1.6.1-70.el5_9.2.i386.rpm
krb5-server-ldap-1.6.1-70.el5_9.2.i386.rpm
krb5-workstation-1.6.1-70.el5_9.2.i386.rpm

ia64:
krb5-debuginfo-1.6.1-70.el5_9.2.i386.rpm
krb5-debuginfo-1.6.1-70.el5_9.2.ia64.rpm
krb5-devel-1.6.1-70.el5_9.2.ia64.rpm
krb5-libs-1.6.1-70.el5_9.2.i386.rpm
krb5-libs-1.6.1-70.el5_9.2.ia64.rpm
krb5-server-1.6.1-70.el5_9.2.ia64.rpm
krb5-server-ldap-1.6.1-70.el5_9.2.ia64.rpm
krb5-workstation-1.6.1-70.el5_9.2.ia64.rpm

ppc:
krb5-debuginfo-1.6.1-70.el5_9.2.ppc.rpm
krb5-debuginfo-1.6.1-70.el5_9.2.ppc64.rpm
krb5-devel-1.6.1-70.el5_9.2.ppc.rpm
krb5-devel-1.6.1-70.el5_9.2.ppc64.rpm
krb5-libs-1.6.1-70.el5_9.2.ppc.rpm
krb5-libs-1.6.1-70.el5_9.2.ppc64.rpm
krb5-server-1.6.1-70.el5_9.2.ppc.rpm
krb5-server-ldap-1.6.1-70.el5_9.2.ppc.rpm
krb5-workstation-1.6.1-70.el5_9.2.ppc.rpm

s390x:
krb5-debuginfo-1.6.1-70.el5_9.2.s390.rpm
krb5-debuginfo-1.6.1-70.el5_9.2.s390x.rpm
krb5-devel-1.6.1-70.el5_9.2.s390.rpm
krb5-devel-1.6.1-70.el5_9.2.s390x.rpm
krb5-libs-1.6.1-70.el5_9.2.s390.rpm
krb5-libs-1.6.1-70.el5_9.2.s390x.rpm
krb5-server-1.6.1-70.el5_9.2.s390x.rpm
krb5-server-ldap-1.6.1-70.el5_9.2.s390x.rpm
krb5-workstation-1.6.1-70.el5_9.2.s390x.rpm

x86_64:
krb5-debuginfo-1.6.1-70.el5_9.2.i386.rpm
krb5-debuginfo-1.6.1-70.el5_9.2.x86_64.rpm
krb5-devel-1.6.1-70.el5_9.2.i386.rpm
krb5-devel-1.6.1-70.el5_9.2.x86_64.rpm
krb5-libs-1.6.1-70.el5_9.2.i386.rpm
krb5-libs-1.6.1-70.el5_9.2.x86_64.rpm
krb5-server-1.6.1-70.el5_9.2.x86_64.rpm
krb5-server-ldap-1.6.1-70.el5_9.2.x86_64.rpm
krb5-workstation-1.6.1-70.el5_9.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/krb5-1.10.3-10.el6_4.3.src.rpm

i386:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-libs-1.10.3-10.el6_4.3.i686.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.i686.rpm
krb5-workstation-1.10.3-10.el6_4.3.i686.rpm

x86_64:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-debuginfo-1.10.3-10.el6_4.3.x86_64.rpm
krb5-libs-1.10.3-10.el6_4.3.i686.rpm
krb5-libs-1.10.3-10.el6_4.3.x86_64.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.x86_64.rpm
krb5-workstation-1.10.3-10.el6_4.3.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/krb5-1.10.3-10.el6_4.3.src.rpm

i386:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-devel-1.10.3-10.el6_4.3.i686.rpm
krb5-server-1.10.3-10.el6_4.3.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.i686.rpm

x86_64:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-debuginfo-1.10.3-10.el6_4.3.x86_64.rpm
krb5-devel-1.10.3-10.el6_4.3.i686.rpm
krb5-devel-1.10.3-10.el6_4.3.x86_64.rpm
krb5-server-1.10.3-10.el6_4.3.x86_64.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/krb5-1.10.3-10.el6_4.3.src.rpm

x86_64:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-debuginfo-1.10.3-10.el6_4.3.x86_64.rpm
krb5-libs-1.10.3-10.el6_4.3.i686.rpm
krb5-libs-1.10.3-10.el6_4.3.x86_64.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.x86_64.rpm
krb5-workstation-1.10.3-10.el6_4.3.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/krb5-1.10.3-10.el6_4.3.src.rpm

x86_64:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-debuginfo-1.10.3-10.el6_4.3.x86_64.rpm
krb5-devel-1.10.3-10.el6_4.3.i686.rpm
krb5-devel-1.10.3-10.el6_4.3.x86_64.rpm
krb5-server-1.10.3-10.el6_4.3.x86_64.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/krb5-1.10.3-10.el6_4.3.src.rpm

i386:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-devel-1.10.3-10.el6_4.3.i686.rpm
krb5-libs-1.10.3-10.el6_4.3.i686.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.i686.rpm
krb5-server-1.10.3-10.el6_4.3.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.i686.rpm
krb5-workstation-1.10.3-10.el6_4.3.i686.rpm

ppc64:
krb5-debuginfo-1.10.3-10.el6_4.3.ppc.rpm
krb5-debuginfo-1.10.3-10.el6_4.3.ppc64.rpm
krb5-devel-1.10.3-10.el6_4.3.ppc.rpm
krb5-devel-1.10.3-10.el6_4.3.ppc64.rpm
krb5-libs-1.10.3-10.el6_4.3.ppc.rpm
krb5-libs-1.10.3-10.el6_4.3.ppc64.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.ppc64.rpm
krb5-server-1.10.3-10.el6_4.3.ppc64.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.ppc.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.ppc64.rpm
krb5-workstation-1.10.3-10.el6_4.3.ppc64.rpm

s390x:
krb5-debuginfo-1.10.3-10.el6_4.3.s390.rpm
krb5-debuginfo-1.10.3-10.el6_4.3.s390x.rpm
krb5-devel-1.10.3-10.el6_4.3.s390.rpm
krb5-devel-1.10.3-10.el6_4.3.s390x.rpm
krb5-libs-1.10.3-10.el6_4.3.s390.rpm
krb5-libs-1.10.3-10.el6_4.3.s390x.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.s390x.rpm
krb5-server-1.10.3-10.el6_4.3.s390x.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.s390.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.s390x.rpm
krb5-workstation-1.10.3-10.el6_4.3.s390x.rpm

x86_64:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-debuginfo-1.10.3-10.el6_4.3.x86_64.rpm
krb5-devel-1.10.3-10.el6_4.3.i686.rpm
krb5-devel-1.10.3-10.el6_4.3.x86_64.rpm
krb5-libs-1.10.3-10.el6_4.3.i686.rpm
krb5-libs-1.10.3-10.el6_4.3.x86_64.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.x86_64.rpm
krb5-server-1.10.3-10.el6_4.3.x86_64.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.x86_64.rpm
krb5-workstation-1.10.3-10.el6_4.3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/krb5-1.10.3-10.el6_4.3.src.rpm

i386:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-devel-1.10.3-10.el6_4.3.i686.rpm
krb5-libs-1.10.3-10.el6_4.3.i686.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.i686.rpm
krb5-server-1.10.3-10.el6_4.3.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.i686.rpm
krb5-workstation-1.10.3-10.el6_4.3.i686.rpm

x86_64:
krb5-debuginfo-1.10.3-10.el6_4.3.i686.rpm
krb5-debuginfo-1.10.3-10.el6_4.3.x86_64.rpm
krb5-devel-1.10.3-10.el6_4.3.i686.rpm
krb5-devel-1.10.3-10.el6_4.3.x86_64.rpm
krb5-libs-1.10.3-10.el6_4.3.i686.rpm
krb5-libs-1.10.3-10.el6_4.3.x86_64.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.3.x86_64.rpm
krb5-server-1.10.3-10.el6_4.3.x86_64.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.3.x86_64.rpm
krb5-workstation-1.10.3-10.el6_4.3.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2002-2443.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFRuKhxXlSAg2UNWIIRAuEZAJ9YgFoyhp++XuH+PFVXD9/8MupERACgs2eM
AUTouQ1hh+B4Rsoskma2QtM=
=2IZt
-----END PGP SIGNATURE-----


--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
    

- 漏洞信息 (F124469)

Gentoo Linux Security Advisory 201312-12 (PacketStormID:F124469)
2013-12-17 00:00:00
Gentoo  security.gentoo.org
advisory,denial of service,arbitrary,vulnerability
linux,gentoo
CVE-2002-2443,CVE-2012-1014,CVE-2012-1015,CVE-2013-1416,CVE-2013-1417,CVE-2013-1418,CVE-2013-6800
[点击下载]

Gentoo Linux Security Advisory 201312-12 - Multiple vulnerabilities have been discovered in MIT Kerberos 5, allowing execution of arbitrary code or Denial of Service. Versions less than 1.11.4 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201312-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: MIT Kerberos 5: Multiple vulnerabilities
     Date: December 16, 2013
     Bugs: #429324, #466268, #469752, #490668, #494062, #494064
       ID: 201312-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been discovered in MIT Kerberos 5,
allowing execution of arbitrary code or Denial of Service.

Background
==========

MIT Kerberos 5 is a suite of applications that implement the Kerberos
network protocol.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-crypt/mit-krb5           < 1.11.4                  >= 1.11.4

Description
===========

Multiple vulnerabilities have been discovered in the Key Distribution
Center in MIT Kerberos 5. Please review the CVE identifiers referenced
below for details.

Impact
======

A remote attacker could send a specially crafted request, possibly
resulting in execution of arbitrary code with the privileges of the
process or a Denial of Service condition. Additionally, a remote
attacker could impersonate a kadmind server and send a specially
crafted packet to the password change port, which can result in a
ping-pong condition and a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MIT Kerberos 5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.11.4"

References
==========

[ 1 ] CVE-2002-2443
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2002-2443
[ 2 ] CVE-2012-1014
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1014
[ 3 ] CVE-2012-1015
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1015
[ 4 ] CVE-2013-1416
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1416
[ 5 ] CVE-2013-1417
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1417
[ 6 ] CVE-2013-1418
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1418
[ 7 ] CVE-2013-6800
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6800

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 http://security.gentoo.org/glsa/glsa-201312-12.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
    

- 漏洞信息 (F125919)

EMC VPLEX GeoSynchrony 5.2.1 Traversal / Session Timeout (PacketStormID:F125919)
2014-03-27 00:00:00
 
advisory,vulnerability
CVE-2002-2443,CVE-2011-1044,CVE-2011-3389,CVE-2011-4110,CVE-2012-0814,CVE-2012-2136,CVE-2012-5166,CVE-2013-1667,CVE-2014-0632,CVE-2014-0633,CVE-2014-0634,CVE-2014-0635
[点击下载]

EMC VPLEX GeoSynchrony versions 4.0 through 5.2.1 suffer from path traversal, timeout validity, session fixation, and various other vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-016: EMC VPLEX Multiple Vulnerabilities

EMC Identifier: ESA-2014-016 

CVE Identifier: See below for individual CVEs

Severity Rating: CVSS v2 Base Score: See below for individual CVSS scores

Affected products: 

All versions from VPLEX GeoSynchrony 4.0 through VPLEX GeoSynchrony 5.2.1 are affected

Summary: 

EMC VPLEX GeoSynchrony 5.3 contains fixes for multiple vulnerabilities that could potentially be exploited by malicious users.

Details: 

    

- 漏洞信息 (F134320)

Ubuntu Security Notice USN-2810-1 (PacketStormID:F134320)
2015-11-12 00:00:00
Ubuntu  security.ubuntu.com
advisory,remote,denial of service,udp
linux,ubuntu
CVE-2002-2443,CVE-2014-5355,CVE-2015-2694,CVE-2015-2695,CVE-2015-2696,CVE-2015-2697,CVE-2015-2698
[点击下载]

Ubuntu Security Notice 2810-1 - It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. It was discovered that Kerberos incorrectly handled null bytes in certain data fields. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

============================================================================
Ubuntu Security Notice USN-2810-1
November 12, 2015

krb5 vulnerabilities
============================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in Kerberos.

Software Description:
- krb5: MIT Kerberos Network Authentication Protocol

Details:

It was discovered that the Kerberos kpasswd service incorrectly handled
certain UDP packets. A remote attacker could possibly use this issue to
cause resource consumption, resulting in a denial of service. This issue
only affected Ubuntu 12.04 LTS. (CVE-2002-2443)

It was discovered that Kerberos incorrectly handled null bytes in certain
data fields. A remote attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu
14.04 LTS. (CVE-2014-5355)

It was discovered that the Kerberos kdcpreauth modules incorrectly tracked
certain client requests. A remote attacker could possibly use this issue
to bypass intended preauthentication requirements. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-2694)

It was discovered that Kerberos incorrectly handled certain SPNEGO packets.
A remote attacker could possibly use this issue to cause a denial of
service. (CVE-2015-2695)

It was discovered that Kerberos incorrectly handled certain IAKERB packets.
A remote attacker could possibly use this issue to cause a denial of
service. (CVE-2015-2696, CVE-2015-2698)

It was discovered that Kerberos incorrectly handled certain TGS requests. A
remote attacker could possibly use this issue to cause a denial of service.
(CVE-2015-2697)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
  krb5-admin-server               1.13.2+dfsg-2ubuntu0.1
  krb5-k5tls                      1.13.2+dfsg-2ubuntu0.1
  krb5-kdc                        1.13.2+dfsg-2ubuntu0.1
  krb5-kdc-ldap                   1.13.2+dfsg-2ubuntu0.1
  krb5-otp                        1.13.2+dfsg-2ubuntu0.1
  krb5-pkinit                     1.13.2+dfsg-2ubuntu0.1
  krb5-user                       1.13.2+dfsg-2ubuntu0.1
  libgssapi-krb5-2                1.13.2+dfsg-2ubuntu0.1
  libgssrpc4                      1.13.2+dfsg-2ubuntu0.1
  libk5crypto3                    1.13.2+dfsg-2ubuntu0.1
  libkadm5clnt-mit9               1.13.2+dfsg-2ubuntu0.1
  libkdb5-8                       1.13.2+dfsg-2ubuntu0.1
  libkrad0                        1.13.2+dfsg-2ubuntu0.1
  libkrb5-3                       1.13.2+dfsg-2ubuntu0.1
  libkrb5support0                 1.13.2+dfsg-2ubuntu0.1

Ubuntu 15.04:
  krb5-admin-server               1.12.1+dfsg-18ubuntu0.1
  krb5-kdc                        1.12.1+dfsg-18ubuntu0.1
  krb5-kdc-ldap                   1.12.1+dfsg-18ubuntu0.1
  krb5-otp                        1.12.1+dfsg-18ubuntu0.1
  krb5-pkinit                     1.12.1+dfsg-18ubuntu0.1
  krb5-user                       1.12.1+dfsg-18ubuntu0.1
  libgssapi-krb5-2                1.12.1+dfsg-18ubuntu0.1
  libgssrpc4                      1.12.1+dfsg-18ubuntu0.1
  libk5crypto3                    1.12.1+dfsg-18ubuntu0.1
  libkadm5clnt-mit9               1.12.1+dfsg-18ubuntu0.1
  libkdb5-7                       1.12.1+dfsg-18ubuntu0.1
  libkrad0                        1.12.1+dfsg-18ubuntu0.1
  libkrb5-3                       1.12.1+dfsg-18ubuntu0.1
  libkrb5support0                 1.12.1+dfsg-18ubuntu0.1

Ubuntu 14.04 LTS:
  krb5-admin-server               1.12+dfsg-2ubuntu5.2
  krb5-kdc                        1.12+dfsg-2ubuntu5.2
  krb5-kdc-ldap                   1.12+dfsg-2ubuntu5.2
  krb5-otp                        1.12+dfsg-2ubuntu5.2
  krb5-pkinit                     1.12+dfsg-2ubuntu5.2
  krb5-user                       1.12+dfsg-2ubuntu5.2
  libgssapi-krb5-2                1.12+dfsg-2ubuntu5.2
  libgssrpc4                      1.12+dfsg-2ubuntu5.2
  libk5crypto3                    1.12+dfsg-2ubuntu5.2
  libkadm5clnt-mit9               1.12+dfsg-2ubuntu5.2
  libkdb5-7                       1.12+dfsg-2ubuntu5.2
  libkrad0                        1.12+dfsg-2ubuntu5.2
  libkrb5-3                       1.12+dfsg-2ubuntu5.2
  libkrb5support0                 1.12+dfsg-2ubuntu5.2

Ubuntu 12.04 LTS:
  krb5-admin-server               1.10+dfsg~beta1-2ubuntu0.7
  krb5-kdc                        1.10+dfsg~beta1-2ubuntu0.7
  krb5-kdc-ldap                   1.10+dfsg~beta1-2ubuntu0.7
  krb5-pkinit                     1.10+dfsg~beta1-2ubuntu0.7
  krb5-user                       1.10+dfsg~beta1-2ubuntu0.7
  libgssapi-krb5-2                1.10+dfsg~beta1-2ubuntu0.7
  libgssrpc4                      1.10+dfsg~beta1-2ubuntu0.7
  libk5crypto3                    1.10+dfsg~beta1-2ubuntu0.7
  libkadm5clnt-mit8               1.10+dfsg~beta1-2ubuntu0.7
  libkdb5-6                       1.10+dfsg~beta1-2ubuntu0.7
  libkrb5-3                       1.10+dfsg~beta1-2ubuntu0.7
  libkrb53                        1.10+dfsg~beta1-2ubuntu0.7
  libkrb5support0                 1.10+dfsg~beta1-2ubuntu0.7

In general, a standard system update will make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-2810-1
  CVE-2002-2443, CVE-2014-5355, CVE-2015-2694, CVE-2015-2695,
  CVE-2015-2696, CVE-2015-2697, CVE-2015-2698

Package Information:
  https://launchpad.net/ubuntu/+source/krb5/1.13.2+dfsg-2ubuntu0.1
  https://launchpad.net/ubuntu/+source/krb5/1.12.1+dfsg-18ubuntu0.1
  https://launchpad.net/ubuntu/+source/krb5/1.12+dfsg-2ubuntu5.2
  https://launchpad.net/ubuntu/+source/krb5/1.10+dfsg~beta1-2ubuntu0.7
    

- 漏洞信息

93240
MIT Kerberos 5 kpasswd Service Spoofed Packet Remote DoS
Remote / Network Access Denial of Service
Loss of Availability Patch / RCS, Upgrade
Exploit Public Uncoordinated Disclosure

- 漏洞描述

MIT Kerberos 5 contains a flaw in the kpasswd service that may allow a remote denial of service. The issue is due to the program responding to all requests contacted via the UDP port. With a malformed spoofed packet sent to multiple machines running the vulnerable service, a remote attacker can cause a saturation of data and cause an exhaustion of system resources

- 时间线

2001-03-25 Unknow
2001-03-25 2013-05-03

- 解决方案

It has been reported that this issue has been fixed. Upgrade to version 1.11.3, or higher, to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

MIT Kerberos 5 kadmind CVE-2002-2443 Remote Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 60008
Yes No
2013-05-14 12:00:00 2013-05-23 02:03:00
Tom Yu

- 受影响的程序版本

Red Hat Fedora 17
MIT Kerberos 5 1.8.3
MIT Kerberos 5 1.10.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5

- 漏洞讨论

MIT Kerberos 5 is prone to a remote denial-of-service vulnerability in 'kadmind'.

Attackers can exploit this issue to consume network bandwidth and CPU resources, denying service to legitimate users.

MIT Kerberos 5 1.8.3 and 1.10.1 are vulnerable; other versions may also be affected.

- 漏洞利用

An attacker can exploit this issue using readily available tools.

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站