Lucene search
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-3395.NASLHistoryNov 09, 2015 - 12:00 a.m.
Debian DSA-3395-1 : krb5 - security update
2015-11-0900:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems :
-
CVE-2015-2695 It was discovered that applications which call gss_inquire_context() on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, leading to a process crash.
-
CVE-2015-2696 It was discovered that applications which call gss_inquire_context() on a partially-established IAKERB context can cause the GSS-API library to read from a pointer using the wrong type, leading to a process crash.
-
CVE-2015-2697 It was discovered that the build_principal_va() function incorrectly handles input strings. An authenticated attacker can take advantage of this flaw to cause a KDC to crash using a TGS request with a large realm field beginning with a null byte.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-3395. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(86795);
script_version("2.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2015-2695", "CVE-2015-2696", "CVE-2015-2697");
script_xref(name:"DSA", value:"3395");
script_name(english:"Debian DSA-3395-1 : krb5 - security update");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities were discovered in krb5, the MIT
implementation of Kerberos. The Common Vulnerabilities and Exposures
project identifies the following problems :
- CVE-2015-2695
It was discovered that applications which call
gss_inquire_context() on a partially-established SPNEGO
context can cause the GSS-API library to read from a
pointer using the wrong type, leading to a process
crash.
- CVE-2015-2696
It was discovered that applications which call
gss_inquire_context() on a partially-established IAKERB
context can cause the GSS-API library to read from a
pointer using the wrong type, leading to a process
crash.
- CVE-2015-2697
It was discovered that the build_principal_va() function
incorrectly handles input strings. An authenticated
attacker can take advantage of this flaw to cause a KDC
to crash using a TGS request with a large realm field
beginning with a null byte."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2015-2695"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2015-2696"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2015-2697"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/wheezy/krb5"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/jessie/krb5"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2015/dsa-3395"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the krb5 packages.
For the oldstable distribution (wheezy), these problems have been
fixed in version 1.10.1+dfsg-5+deb7u4.
For the stable distribution (jessie), these problems have been fixed
in version 1.12.1+dfsg-19+deb8u1."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
script_set_attribute(attribute:"patch_publication_date", value:"2015/11/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/11/09");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"7.0", prefix:"krb5-admin-server", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-doc", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-gss-samples", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-kdc", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-kdc-ldap", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-locales", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-multidev", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-pkinit", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-user", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libgssapi-krb5-2", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libgssrpc4", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libk5crypto3", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libkadm5clnt-mit8", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libkadm5srv-mit8", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libkdb5-6", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libkrb5-3", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libkrb5-dbg", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libkrb5-dev", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"7.0", prefix:"libkrb5support0", reference:"1.10.1+dfsg-5+deb7u4")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-admin-server", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-doc", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-gss-samples", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-kdc", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-kdc-ldap", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-locales", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-multidev", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-otp", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-pkinit", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"krb5-user", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libgssapi-krb5-2", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libgssrpc4", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libk5crypto3", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkadm5clnt-mit9", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkadm5srv-mit9", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkdb5-7", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkrad-dev", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkrad0", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkrb5-3", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkrb5-dbg", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkrb5-dev", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libkrb5support0", reference:"1.12.1+dfsg-19+deb8u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | krb5 | p-cpe:/a:debian:debian_linux:krb5 |
| debian | debian_linux | 7.0 | cpe:/o:debian:debian_linux:7.0 |
| debian | debian_linux | 8.0 | cpe:/o:debian:debian_linux:8.0 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697
bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083
bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084
bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088
packages.debian.org/source/jessie/krb5
packages.debian.org/source/wheezy/krb5
security-tracker.debian.org/tracker/CVE-2015-2695
security-tracker.debian.org/tracker/CVE-2015-2696
security-tracker.debian.org/tracker/CVE-2015-2697
www.debian.org/security/2015/dsa-3395
Related
suse
suse
Security update for krb5 (important)
2015-11-16 11:12:28
Security update for krb5 (important)
2015-11-04 10:11:32
Security update for krb5 (important)
2015-11-06 18:12:23
nessus
nessus
SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2015:1897-1)
2015-11-05 00:00:00
GLSA-201611-14 : MIT Kerberos 5: Multiple vulnerabilities
2016-11-21 00:00:00
openSUSE Security Update : krb5 (openSUSE-2015-709)
2015-11-09 00:00:00
osv
osv
krb5 - security update
2015-11-06 00:00:00
krb5 - security update
2015-11-06 00:00:00
krb5 - security update
2015-11-07 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:1897-1)
2021-04-19 00:00:00
SUSE: Security Advisory for krb5 (SUSE-SU-2015:1897-1)
2015-11-05 00:00:00
openSUSE: Security Advisory for krb5 (openSUSE-SU-2015:1928-1)
2015-11-07 00:00:00
debian
debian
[SECURITY] [DSA 3395-1] krb5 security update
2015-11-06 19:50:12
[SECURITY] [DSA 3395-1] krb5 security update
2015-11-06 19:49:54
[SECURITY] [DLA 340-1] krb5 security update
2015-11-07 18:23:24
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2016-11-20 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: krb5-1.13.2-12.fc23
2015-11-02 18:55:23
[SECURITY] Fedora 21 Update: krb5-1.12.2-19.fc21
2015-11-24 22:51:08
[SECURITY] Fedora 22 Update: krb5-1.13.2-10.fc22
2015-11-19 12:25:51
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2015-11-07 23:11:27
Updated krb5 packages fix CVE-2015-2698
2015-11-17 00:36:58
ibm
ibm
ubuntu
ubuntu
Kerberos vulnerabilities
2015-11-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package krb5 version 1.14.2-alt1
2016-04-25 00:00:00
Security fix for the ALT Linux 8 package krb5 version 1.14.2-alt1
2016-04-26 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13.7-alt0.M70P.1
2017-04-13 00:00:00
debiancve
debiancve
prion
prion
Design/Logic Flaw
2015-11-09 03:59:00
Design/Logic Flaw
2015-11-09 03:59:00
Out-of-bounds
2015-11-09 03:59:00
ubuntucve
ubuntucve
cve
cve
cvelist
cvelist
Related for DEBIAN_DSA-3395.NASL