The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of MIT krb5: NULL pointer dereference via GSSAPI

Synthesis of the vulnerability 

An attacker can force a NULL pointer to be dereferenced in the Kerberos server process, in order to trigger a denial of service.
Vulnerable software: BIG-IP Hardware, TMOS, Fedora, AIX, MIT krb5, openSUSE, RHEL, Ubuntu.
Severity of this announcement: 2/4.
Creation date: 11/08/2014.
References of this computer vulnerability: 755521, CVE-2014-4344, FEDORA-2014-8176, FEDORA-2014-8189, MDVSA-2014:165, openSUSE-SU-2014:0977-1, RHSA-2014:1245-01, RHSA-2014:1389-02, RHSA-2015:0439-01, SOL15561, USN-2310-1, VIGILANCE-VUL-15145.

Description of the vulnerability 

During a Kerberos authentication, in the protocol step named SPNEGO, the client sends a packet with its identity, typically a username.

However, the Kerberos server does not check whether this username field is valid. If it is empty, the server process tries to follow a NULL pointer.

An attacker can therefore force a NULL pointer to be dereferenced in the Kerberos server process, in order to trigger a denial of service.

This threat note impacts software or systems such as BIG-IP Hardware, TMOS, Fedora, AIX, MIT krb5, openSUSE, RHEL, Ubuntu.

Our Vigil@nce team determined that the severity of this cybersecurity note is medium.

The trust level is "confirmed by the editor", and the origin of the attack is "intranet client".

An attacker with expert ability can exploit this vulnerability.

Solutions for this threat 

MIT krb5: version 1.12.2.
Version 1.12.2 is fixed:
  http://web.mit.edu/kerberos/

MIT krb5: version 1.11.6.
Version 1.11.6 is fixed:
  http://web.mit.edu/kerberos/

AIX: patch for NAS.
A patch is available:
  ftp://aix.software.ibm.com/aix/efixes/security/nas1_fix.tar

F5 BIG-IP: fixed versions for MIT Kerberos 5 CVE-2014-4344.
Fixed versions are indicated in information sources.

Fedora: new krb5 packages.
New packages are available:
  Fedora 20: krb5 1.11.5-10.fc20
  Fedora 19: krb5 1.11.3-24.fc19

Mandriva: new krb5 packages.
New packages are available:
  Mandriva BS1: krb5 1.9.2-3.5.mbs1

openSUSE: new krb5 packages.
New packages are available:
  openSUSE 13.1: krb5 1.11.3-3.8.1
  openSUSE 12.3: krb5 1.10.2-10.26.1

RHEL 5: new krb5 packages.
New packages are available:
  RHEL 5: krb5 1.6.1-78.el5

RHEL 6: new krb5 packages.
New packages are available:
  RHEL 6: krb5 1.10.3-33.el6

RHEL 7: new krb5 packages.
New packages are available:
  RHEL 7: krb5 1.12.2-14.el7

Ubuntu: new krb5 packages.
New packages are available, as indicated in information sources.
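
The distribution packages listed above carry backported fixes, so an installed build has to be compared with its own distribution's fixed build rather than with upstream 1.11.6 or 1.12.2. The following Python script is an added example, not part of the Vigil@nce bulletin: it compares krb5 version-release strings using a simplified form of RPM ordering (epochs ignored), and the host names and installed builds in SAMPLE are constructed.

```python
import re

# Fixed builds copied from the list above (distribution -> "version-release").
FIXED = {
    "Fedora 20": "1.11.5-10.fc20",
    "Fedora 19": "1.11.3-24.fc19",
    "Mandriva BS1": "1.9.2-3.5.mbs1",
    "openSUSE 13.1": "1.11.3-3.8.1",
    "openSUSE 12.3": "1.10.2-10.26.1",
    "RHEL 5": "1.6.1-78.el5",
    "RHEL 6": "1.10.3-33.el6",
    "RHEL 7": "1.12.2-14.el7",
}

def _cmp_part(a, b):
    """Simplified rpmvercmp on one field: returns -1, 0 or 1."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)  # runs of digits or letters
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # 9 < 10, unlike string order
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def compare_vr(a, b):
    """Compare 'version-release' strings: version first, then release."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return _cmp_part(va, vb) or _cmp_part(ra, rb)

def is_patched(distro, installed_vr):
    """True if the installed krb5 build is at or above the fixed build."""
    return compare_vr(installed_vr, FIXED[distro]) >= 0

def audit(inventory):
    """Return the sorted host names whose krb5 build predates the fix."""
    return sorted(h for h, (d, vr) in inventory.items() if not is_patched(d, vr))

# Constructed inventory: host -> (distribution, installed krb5 build).
SAMPLE = {
    "kdc1": ("RHEL 6", "1.10.3-10.el6"),
    "kdc2": ("RHEL 7", "1.12.2-14.el7"),
    "web1": ("openSUSE 13.1", "1.11.3-3.12.1"),
    "dev1": ("Fedora 20", "1.11.5-9.fc20"),
}

if __name__ == "__main__":
    print("Hosts still needing the krb5 update:", audit(SAMPLE))
```

On a real host the installed build would come from the package manager, for example `rpm -q krb5-libs`, instead of the constructed inventory.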
