MiracleLinux 4 : krb5-1.10.3-33.AXS4 (AXSA:2014-606:02)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 4 fixes Kerberos 5 vulnerabilities, including remote DoS and memory errors.

Reporter	Title	Published	Views	Family All 247
IBM Security Bulletins	Security Bulletin: IBM Security Network Intrusion Prevention System is affected by krb5 vulnerabilities (CVE-2014-4341, CVE-2013-1418 )	23 Feb 202219:48	–	ibm
IBM Security Bulletins	Security Bulletin: Power Hardware Management Console is affected by security vulnerabilities in Kerberos (CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423)	23 Sep 202101:31	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities affect IBM's Advanced Management Module (AMM)	14 Apr 202314:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Kerberos	2 Jun 202213:24	–	ibm
Tenable Nessus	AIX NAS Advisory : nas_advisory1.asc	4 Sep 201400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : krb5 (ALAS-2014-443)	18 Nov 201400:00	–	nessus
Tenable Nessus	CentOS 5 : krb5 (CESA-2014:1245)	1 Oct 201400:00	–	nessus
Tenable Nessus	CentOS 5 : krb5 (CESA-2014:1255)	14 Oct 201400:00	–	nessus
Tenable Nessus	CentOS 6 : krb5 (CESA-2014:1389)	12 Nov 201400:00	–	nessus
Tenable Nessus	CentOS 7 : krb5 (CESA-2015:0439)	18 Mar 201500:00	–	nessus

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/5064
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2014-606:02.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289469);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/16");

  script_cve_id(
    "CVE-2013-1418",
    "CVE-2013-6800",
    "CVE-2014-4341",
    "CVE-2014-4342",
    "CVE-2014-4343",
    "CVE-2014-4344",
    "CVE-2014-4345"
  );

  script_name(english:"MiracleLinux 4 : krb5-1.10.3-33.AXS4 (AXSA:2014-606:02)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2014-606:02 advisory.

    Description :
    Kerberos V5 is a trusted-third-party network authentication system,
    which can improve your network's security by eliminating the insecure
    practice of sending passwords over the network in unencrypted form.
    Security issues fixed with this release:
    CVE-2013-1418
    The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka
    krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of
    service (NULL pointer dereference and daemon crash) via a crafted request.
    CVE-2013-6800
    An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka
    krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and
    daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
    CVE-2014-4341
    MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-
    read and application crash) by injecting invalid tokens into a GSSAPI application session.
    CVE-2014-4342
    MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of
    service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens
    into a GSSAPI application session.
    CVE-2014-4343
    Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in
    lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows
    remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via
    network traffic that appears to come from an intended acceptor, but specifies a security mechanism
    different from the one proposed by the initiator.
    CVE-2014-4344
    The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka
    krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL
    pointer dereference and application crash) via an empty continuation token at a certain point during a
    SPNEGO negotiation.
    CVE-2014-4345
    Off-by-one error in the krb5_encode_krbsecretkey function in
    plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka
    krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to
    cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of cpw
    -keepold commands.
    Fixed bugs;
    These updated krb5 packages also include several bug fixes.
    Please see changelog for more information.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/5064");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-4345");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"Moderate");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/11/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:krb5-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:krb5-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:krb5-pkinit-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:krb5-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:krb5-server-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:krb5-workstation");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'krb5-devel-1.10.3-33.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-devel-1.10.3-33.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-libs-1.10.3-33.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-libs-1.10.3-33.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-pkinit-openssl-1.10.3-33.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-pkinit-openssl-1.10.3-33.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-server-1.10.3-33.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-server-1.10.3-33.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-server-ldap-1.10.3-33.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-server-ldap-1.10.3-33.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-workstation-1.10.3-33.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'krb5-workstation-1.10.3-33.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'krb5-devel / krb5-libs / krb5-pkinit-openssl / krb5-server / etc');
}

16 Jan 2026 00:00Current

7.3High risk

Vulners AI Score7.3

CVSS 28.5

EPSS0.14451