CVSS2
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score Confidence: High
EPSS Percentile: 85.9%

CentOS Errata and Security Advisory CESA-2014:1255

Kerberos is an authentication system which allows clients and services to
authenticate to each other with the help of a trusted third party, a
Kerberos Key Distribution Center (KDC).

A buffer overflow was found in the KADM5 administration server (kadmind)
when it was used with an LDAP back end for the KDC database. A remote,
authenticated attacker could potentially use this flaw to execute arbitrary
code on the system running kadmind. (CVE-2014-4345)

All krb5 users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, the krb5kdc and kadmind daemons will be restarted
automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-October/082840.html

Affected packages:
krb5-devel
krb5-libs
krb5-server
krb5-server-ldap
krb5-workstation

Upstream details at:
https://access.redhat.com/errata/RHSA-2014:1255

OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | krb5-devel | < 1.6.1-80.el5_11 | krb5-devel-1.6.1-80.el5_11.i386.rpm |
CentOS | 5 | i386 | krb5-libs | < 1.6.1-80.el5_11 | krb5-libs-1.6.1-80.el5_11.i386.rpm |
CentOS | 5 | i386 | krb5-server | < 1.6.1-80.el5_11 | krb5-server-1.6.1-80.el5_11.i386.rpm |
CentOS | 5 | i386 | krb5-server-ldap | < 1.6.1-80.el5_11 | krb5-server-ldap-1.6.1-80.el5_11.i386.rpm |
CentOS | 5 | i386 | krb5-workstation | < 1.6.1-80.el5_11 | krb5-workstation-1.6.1-80.el5_11.i386.rpm |
CentOS | 5 | x86_64 | krb5-devel | < 1.6.1-80.el5_11 | krb5-devel-1.6.1-80.el5_11.x86_64.rpm |
CentOS | 5 | x86_64 | krb5-libs | < 1.6.1-80.el5_11 | krb5-libs-1.6.1-80.el5_11.x86_64.rpm |
CentOS | 5 | x86_64 | krb5-server | < 1.6.1-80.el5_11 | krb5-server-1.6.1-80.el5_11.x86_64.rpm |