ID |
CVE-2016-3120
|
Summary |
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*
|
CVSS |
Base: | 4.0 (as of 21-01-2020 - 15:47) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-476 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
SINGLE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
redhat
via4
|
advisories | bugzilla | id | 1364993 | title | MS-KKDCP with TLS SNI requires HTTP Host header |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 7 is installed | oval | oval:com.redhat.rhba:tst:20150364027 |
OR | AND | comment | krb5-devel is earlier than 0:1.14.1-26.el7 | oval | oval:com.redhat.rhsa:tst:20162591001 |
comment | krb5-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599002 |
|
AND | comment | krb5-libs is earlier than 0:1.14.1-26.el7 | oval | oval:com.redhat.rhsa:tst:20162591003 |
comment | krb5-libs is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599004 |
|
AND | comment | krb5-pkinit is earlier than 0:1.14.1-26.el7 | oval | oval:com.redhat.rhsa:tst:20162591005 |
comment | krb5-pkinit is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599006 |
|
AND | comment | krb5-server is earlier than 0:1.14.1-26.el7 | oval | oval:com.redhat.rhsa:tst:20162591007 |
comment | krb5-server is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599008 |
|
AND | comment | krb5-server-ldap is earlier than 0:1.14.1-26.el7 | oval | oval:com.redhat.rhsa:tst:20162591009 |
comment | krb5-server-ldap is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599010 |
|
AND | comment | krb5-workstation is earlier than 0:1.14.1-26.el7 | oval | oval:com.redhat.rhsa:tst:20162591011 |
comment | krb5-workstation is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599012 |
|
AND | comment | libkadm5 is earlier than 0:1.14.1-26.el7 | oval | oval:com.redhat.rhsa:tst:20162591013 |
comment | libkadm5 is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599014 |
|
|
|
|
| rhsa | id | RHSA-2016:2591 | released | 2016-11-03 | severity | Low | title | RHSA-2016:2591: krb5 security, bug fix, and enhancement update (Low) |
|
| rpms | - krb5-debuginfo-0:1.14.1-26.el7
- krb5-devel-0:1.14.1-26.el7
- krb5-libs-0:1.14.1-26.el7
- krb5-pkinit-0:1.14.1-26.el7
- krb5-server-0:1.14.1-26.el7
- krb5-server-ldap-0:1.14.1-26.el7
- krb5-workstation-0:1.14.1-26.el7
- libkadm5-0:1.14.1-26.el7
|
|
refmap
via4
|
bid | 92132 | confirm | | fedora | FEDORA-2016-0674a3c372 | mlist | [debian-lts-announce] 20180131 [SECURITY] [DLA 1265-1] krb5 security update | sectrack | 1036442 | suse | openSUSE-SU-2016:2268 |
|
Last major update |
21-01-2020 - 15:47 |
Published |
01-08-2016 - 02:59 |
Last modified |
21-01-2020 - 15:47 |