Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:587579
HistoryJan 31, 2003 - 12:00 a.m.

MIT Kerberos V5 ASN.1 decoder fails to perform bounds checking on data element length fields

2003-01-3100:00:00
www.kb.cert.org
18

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.083 Low

EPSS

Percentile

94.4%

JSON

Overview

The MIT Kerberos V5 implementation contains an ASN.1 decoding flaw that may allow remote attackers to crash affected Kerberos applications.

Description

Kerberos V5 protocol messages are defined using Abstract Syntax Notation One (ASN.1), a formal language that allows protocol specifications to be easily encoded for network transmission. For example, each data element in a given protocol message is encoded with additional information that indicates the type and length of the supplied data. This standardized format allows the recipient of the message to interpret the data elements and handle them appropriately.

The ASN.1 decoder included with MIT Kerberos V5 fails to perform bounds checking on the length values supplied with each data element. In some cases, an incoming message can contain a large unsigned data element length value that is misinterpreted as a negative signed value. When an affected Key Distribution Center (KDC) or other Kerberos application attempts to allocate negative or unreasonably large amounts of storage, an error condition will occur that may cause the application to crash.

Impact

This vulnerability allows remote attackers to crash affected applications, resulting in a denial of service condition.

Solution

This vulnerability was addressed in MIT Kerberos V5 1.2.5, released on April 30, 2002. MIT krb5 Security Advisory 2003-001 provides additional information from MIT and is available at:

http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt

For information regarding other vendors who may be affected, please see the vendor section of this document.

Vendor Information

587579

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

MIT Kerberos Development Team __ Affected

Notified: April 04, 2002 Updated: January 30, 2003

Status

Affected

Vendor Statement

MIT recommends updating to release 1.2.5 or later, preferably to the latest release. Patches specifically to fix these problems are not available at this time.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The MIT Kerberos Development Team has published MIT krb5 Security Advisory 2003-001 to address this vulnerability. For more information, please see:

http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

MandrakeSoft __ Affected

Notified: April 03, 2003 Updated: April 04, 2003

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

MandrakeSoft has published Security Advisory MDKSA-2003:043-1 to address this vulnerability. For more information, please see:

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:043-1

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Red Hat Inc. __ Affected

Notified: April 08, 2002 Updated: March 27, 2003

Status

Affected

Vendor Statement

Red Hat Linux and Red Hat Enterprise Linux ship with a Kerberos package vulnerable to these issues. Updated Kerberos packages are available along with our advisory at the URLs below. Users of the Red Hat Network can update their systems using the ‘up2date’ tool.

Red Hat Linux:

http://rhn.redhat.com/errata/RHSA-2002-051.html
Red Hat Enterprise Linux:

Will be available shortly

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Hewlett-Packard Company __ Not Affected

Notified: April 08, 2002 Updated: January 31, 2003

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC does not believe that HP products are affected by this vulnerability.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Microsoft Corporation __ Not Affected

Notified: April 04, 2002 Updated: January 31, 2003

Status

Not Affected

Vendor Statement

This report is specific to implementations that are using the MIT Kerberos5 code distribution. Microsoft does not use the MIT code (and specifically not the asn module described in your report). And do we believe Windows does not have this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Apple Computer Inc. Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

BSDI Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Cisco Systems Inc. Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Conectiva Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Cray Inc. Unknown

Notified: April 08, 2002 Updated: January 31, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Debian Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

IBM Unknown

Notified: April 08, 2002 Updated: January 31, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

KTH Kerberos Unknown

Notified: April 04, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

NetBSD Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

OpenBSD Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Sun Microsystems Inc. Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

The SCO Group Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

Wind River Systems Inc. Unknown

Notified: April 08, 2002 Updated: January 29, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23587579 Feedback>).

View all 18 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

The reporter of this vulnerability wishes to remain anonymous.

This document was written by Jeffrey P. Lanza.

Other Information

CVE IDs: CVE-2002-0036
Severity Metric: 31.50 Date Public:

Related

cve 1
cvelist 1
nvd 1
nessus 3
redhat 1
cve
cve
CVE-2002-0036
2004-09-01 04:00:00
cvelist
cvelist
CVE-2002-0036
2004-09-01 04:00:00
nvd
nvd
CVE-2002-0036
2003-02-19 05:00:00
nessus
nessus
Mandrake Linux Security Advisory : krb5 (MDKSA-2003:043-1)
2004-07-31 00:00:00
RHEL 2.1 : krb5 (RHSA-2003:052)
2004-07-06 00:00:00
Kerberos 5 < 1.3.5 Multiple Vulnerabilities
2003-04-03 00:00:00
redhat
redhat
(RHSA-2003:052) krb5 security update
2003-03-27 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.083 Low

EPSS

Percentile

94.4%

JSON
Related for VU:587579
cve1cvelist1nvd1nessus3redhat1