vulnerability announce CVE-2012-1013
MIT krb5: denial of service of kadmind via create
Synthesis of the vulnerability
An administrator with the "create" privilege can stop the MIT krb5 kadmind service.Impacted products:
Fedora, MBS, MES, Mandriva Linux, MIT krb5, openSUSE, RHEL.
11667, 11810, 12446, BID-53784, CERTA-2012-AVI-309, CVE-2012-1013, FEDORA-2012-8784, FEDORA-2012-8803, FEDORA-2012-8805, MDVSA-2012:102, MDVSA-2013:042, openSUSE-SU-2012:0834-1, RHSA-2012:1131-01, VIGILANCE-VUL-11667.
Description of the vulnerability
The kadmind daemon is used to administer MIT krb5.
An administrator can use the kadmin command to configure MIT krb5. The add_principal (or addprinc) sub-command adds a principal, and requires the "create" privilege.
The "-allow_tix" option of add_principal forbids the creation of tickets (flag KRB5_KDB_DISALLOW_ALL_TIX). The "-randkey" option disables the usage of a password (set to NULL). However, when both options are used, the check_1_6_dummy() function dereferences the NULL password. The daemon thus stops.
An administrator with the "create" privilege can therefore stop the MIT krb5 kadmind service.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides an application vulnerability watch
. The technology watch team tracks security threats targeting the computer system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.