ID CVE-2017-17439
Summary In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.
References
Vulnerable Configurations
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • Heimdal Project Heimdal 7.4.0
    cpe:2.3:a:heimdal_project:heimdal:7.4.0
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-1364.NASL
    description This update for libheimdal fixes the following issues: - CVE-2017-17439: Remote unauthenticated attackers may have crashed the KDC (boo#1071675)
    last seen 2018-01-27
    modified 2018-01-26
    plugin id 105244
    published 2017-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105244
    title openSUSE Security Update : libheimdal (openSUSE-2017-1364)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-F0E5AD250C.NASL
    description Update to 7.5.0 GA release (CVE-2017-17439). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-04
    modified 2018-02-02
    plugin id 106000
    published 2018-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106000
    title Fedora 27 : heimdal (2017-f0e5ad250c)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4055.NASL
    description Michael Eder and Thomas Kittel discovered that Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos, did not correctly handle ASN.1 data. This would allow an unauthenticated remote attacker to cause a denial of service (crash of the KDC daemon) by sending maliciously crafted packets.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105087
    published 2017-12-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105087
    title Debian DSA-4055-1 : heimdal - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-2962E58478.NASL
    description Update to 7.5.0 GA release (CVE-2017-17439). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-02
    modified 2018-02-01
    plugin id 105706
    published 2018-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105706
    title Fedora 26 : heimdal (2017-2962e58478)
refmap via4
confirm
debian DSA-4055
misc http://www.h5l.org/pipermail/heimdal-discuss/2017-August/000259.html
Last major update 06-12-2017 - 10:29
Published 06-12-2017 - 10:29
Last modified 29-12-2017 - 21:29