Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Kerberos

Summary

IBM has provided explicit mitigation for the following Kerberos CVEs. DataPower did not previously provide the conditions necessary to exploit these CVEs. The explicit mitigations provided here protect against possible future changes that might have made them exploitable.

Vulnerability Details

CVEID:CVE-2014-5352
**DESCRIPTION:**MIT krb5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a double-free error in gss_process_context_token(). An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/100842 for the current score.
CVSS Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVEID:CVE-2014-4344
**DESCRIPTION:**MIT Kerberos 5 (krb5) is vulnerable to a NULL pointer dereference in the acc_ctx_cont() function within the SPNEGO Acceptor for Continuation Tokens. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/95210 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:CVE-2015-2695
**DESCRIPTION:**MIT Kerberos is vulnerable to a denial of service, caused by a pointer type error in the GSS-API library. By sending a specially crafted gss_inquire_context() call on a partially-established SPNEGO context, a remote attacker could exploit this vulnerability to cause the process to crash.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/107874 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Remediation/Fixes

Workarounds and Mitigations

None