Security Bulletin: Power Hardware Management Console is affected by security vulnerabilities in Kerberos (CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423)

Summary

Power Hardware Management Console is affected by security vulnerabilities in Kerberos.

Vulnerability Details

CVE-ID: CVE-2014-4341
DESCRIPTION: MIT Kerberos is vulnerable to a denial of service, caused by a NULL pointer dereference. By injecting invalid tokens into a GSSAPI application session, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/94904 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-4342
DESCRIPTION: MIT Kerberos is vulnerable to a denial of service, caused by a NULL pointer dereference. By injecting invalid tokens into a GSSAPI application session, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/94903 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-4343
DESCRIPTION: MIT Kerberos 5 (krb5) is vulnerable to a denial of service, caused by a double-free error in the init_ctx_reselect() function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a GSSAPI initiator to crash.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/95211 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-5352
Description: MIT krb5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a double-free error in gss_process_context_token(). An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.000
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/100842 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVE-ID: CVE-2014-9421
Description: MIT krb5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a double-free error in the kadmind daemon. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.000
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/100841 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVE-ID: CVE-2014-9422
Description: MIT krb5 could allow a remote authenticated attacker to bypass security restrictions, caused by the acceptance of authentications to two-component server principals. An attacker could exploit this vulnerability to impersonate arbitrary users.
CVSS Base Score: 6.100
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/100840 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:S/C:P/I:P/A:C)

CVE-ID: CVE-2014-9423
Description: MIT krb5 could allow a remote attacker to obtain sensitive information, caused by the leak of 4 byte or 8-byte portions of uninitialized memory to the network by the libgssrpc application. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.000
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/100839 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Affected Products and Versions

Power HMC V8.8.1.0
Power HMC V8.8.2.0

Remediation/Fixes

The Following fixes are available on IBM Fix Central at http://www-933.ibm.com/support/fixcentral/

Workarounds and Mitigations

None