Lucene search
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.OPENSUSE-2015-128.NASLHistoryFeb 12, 2015 - 12:00 a.m.
openSUSE Security Update : krb5 (openSUSE-2015-128)
2015-02-1200:00:00
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.
www.tenable.com
9
krb5 was updated to fix five security issues.
These security issues were fixed :
-
CVE-2014-5351: current keys returned when randomizing the keys for a service principal (bnc#897874)
-
CVE-2014-5352: An authenticated attacker could cause a vulnerable application (including kadmind) to crash or to execute arbitrary code (bnc#912002).
-
CVE-2014-9421: An authenticated attacker could cause kadmind or other vulnerable server application to crash or to execute arbitrary code (bnc#912002).
-
CVE-2014-9422: An attacker who possess the key of a particularly named principal (such as ‘kad/root’) could impersonate any user to kadmind and perform administrative actions as that user (bnc#912002).
-
CVE-2014-9423: An attacker could attempt to glean sensitive information from the four or eight bytes of uninitialized data output by kadmind or other libgssrpc server application. Because MIT krb5 generally sanitizes memory containing krb5 keys before freeing it, it is unlikely that kadmind would leak Kerberos key information, but it is not impossible (bnc#912002).
This non-security issue was fixed :
- Work around replay cache creation race (bnc#898439).
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2015-128.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(81304);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2014-5351", "CVE-2014-5352", "CVE-2014-9421", "CVE-2014-9422", "CVE-2014-9423");
script_name(english:"openSUSE Security Update : krb5 (openSUSE-2015-128)");
script_summary(english:"Check for the openSUSE-2015-128 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"krb5 was updated to fix five security issues.
These security issues were fixed :
- CVE-2014-5351: current keys returned when randomizing
the keys for a service principal (bnc#897874)
- CVE-2014-5352: An authenticated attacker could cause a
vulnerable application (including kadmind) to crash or
to execute arbitrary code (bnc#912002).
- CVE-2014-9421: An authenticated attacker could cause
kadmind or other vulnerable server application to crash
or to execute arbitrary code (bnc#912002).
- CVE-2014-9422: An attacker who possess the key of a
particularly named principal (such as 'kad/root') could
impersonate any user to kadmind and perform
administrative actions as that user (bnc#912002).
- CVE-2014-9423: An attacker could attempt to glean
sensitive information from the four or eight bytes of
uninitialized data output by kadmind or other libgssrpc
server application. Because MIT krb5 generally sanitizes
memory containing krb5 keys before freeing it, it is
unlikely that kadmind would leak Kerberos key
information, but it is not impossible (bnc#912002).
This non-security issue was fixed :
- Work around replay cache creation race (bnc#898439)."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=897874"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=898439"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=912002"
);
script_set_attribute(attribute:"solution", value:"Update the affected krb5 packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-client-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-devel-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-mini");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-mini-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-mini-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-mini-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-otp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-otp-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-server-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
script_set_attribute(attribute:"patch_publication_date", value:"2015/02/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/02/12");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-client-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-client-debuginfo-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-debuginfo-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-debugsource-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-devel-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-mini-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-mini-debuginfo-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-mini-debugsource-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-mini-devel-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-plugin-kdb-ldap-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-plugin-kdb-ldap-debuginfo-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-plugin-preauth-otp-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-plugin-preauth-otp-debuginfo-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-plugin-preauth-pkinit-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-plugin-preauth-pkinit-debuginfo-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-server-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"krb5-server-debuginfo-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"krb5-32bit-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"krb5-debuginfo-32bit-1.12.2-6.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"krb5-devel-32bit-1.12.2-6.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-mini / krb5-mini-debuginfo / krb5-mini-debugsource / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | krb5 | p-cpe:/a:novell:opensuse:krb5 |
| novell | opensuse | krb5-32bit | p-cpe:/a:novell:opensuse:krb5-32bit |
| novell | opensuse | krb5-client | p-cpe:/a:novell:opensuse:krb5-client |
| novell | opensuse | krb5-client-debuginfo | p-cpe:/a:novell:opensuse:krb5-client-debuginfo |
| novell | opensuse | krb5-debuginfo | p-cpe:/a:novell:opensuse:krb5-debuginfo |
| novell | opensuse | krb5-debuginfo-32bit | p-cpe:/a:novell:opensuse:krb5-debuginfo-32bit |
| novell | opensuse | krb5-debugsource | p-cpe:/a:novell:opensuse:krb5-debugsource |
| novell | opensuse | krb5-devel | p-cpe:/a:novell:opensuse:krb5-devel |
| novell | opensuse | krb5-devel-32bit | p-cpe:/a:novell:opensuse:krb5-devel-32bit |
| novell | opensuse | krb5-mini | p-cpe:/a:novell:opensuse:krb5-mini |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
bugzilla.opensuse.org/show_bug.cgi?id=897874
bugzilla.opensuse.org/show_bug.cgi?id=898439
bugzilla.opensuse.org/show_bug.cgi?id=912002
Related
suse
suse
Security update for krb5 (important)
2015-02-16 15:04:57
Security update for krb5 (important)
2015-02-16 14:05:49
Security update for krb5 (important)
2015-02-11 18:08:30
nessus
nessus
SUSE SLES12 Security Update : krb5 (SUSE-SU-2015:0290-1)
2015-05-20 00:00:00
SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2015:0290-2)
2015-05-20 00:00:00
Fedora 20 : krb5-1.11.5-18.fc20 (2015-2382)
2015-03-10 00:00:00
openvas
openvas
SUSE: Security Advisory for krb5 (SUSE-SU-2015:0290-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0290-2)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0290-1)
2021-04-19 00:00:00
ibm
ibm
securityvulns
securityvulns
MITKRB5-SA-2015-001 Vulnerabilities in kadmind, libgssrpc, gss_process_context_token
2015-02-11 00:00:00
MIT Kerberos 5 multiple security vulnerabilities
2015-02-11 00:00:00
MIT krb5 privilege escalation
2014-11-24 00:00:00
osv
osv
krb5 - security update
2015-02-07 00:00:00
krb5 - security update
2015-02-03 00:00:00
krb5 - security update
2018-01-31 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package krb5 version 1.13-alt3
2015-02-08 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13-alt3
2015-02-08 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.13-alt3
2015-02-08 00:00:00
debian
debian
[SECURITY] [DLA 146-1] krb5 security update
2015-02-07 11:00:23
[SECURITY] [DSA 3153-1] krb5 security update
2015-02-03 20:50:26
[SECURITY] [DLA 1265-1] krb5 security update
2018-01-31 17:06:55
freebsd
freebsd
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-03 00:00:00
krb5 1.12 -- New release/fix multiple vulnerabilities
2015-02-20 00:00:00
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2015-02-15 18:57:20
Updated krb5 packages fix security vulnerability
2014-11-21 15:44:16
aix
aix
Multiple Security vulnerabilities in IBM NAS(kerberos)
2015-05-21 05:06:05
AIX NAS vulnerability
2015-01-20 04:42:45
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: krb5-1.12.2-14.fc21
2015-03-12 16:33:54
[SECURITY] Fedora 21 Update: krb5-1.12.2-17.fc21
2015-06-21 00:28:50
[SECURITY] Fedora 20 Update: krb5-1.11.5-18.fc20
2015-03-09 08:18:34
archlinux
archlinux
krb5: multiple issues
2015-02-17 00:00:00
f5
f5
K16443 : MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
2015-04-15 00:00:00
SOL16443 - MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
2015-04-15 00:00:00
K16441 : MIT Kerberos 5 vulnerability CVE-2014-9423
2015-04-15 00:00:00
redhat
redhat
(RHSA-2015:0794) Moderate: krb5 security update
2015-04-09 00:00:00
(RHSA-2015:0439) Moderate: krb5 security, bug fix and enhancement update
2015-03-05 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:13:02
Privilege Escalation
2019-05-02 05:13:02
Denial Of Service (DoS)
2019-01-15 09:05:33
oraclelinux
oraclelinux
krb5 security update
2015-04-09 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
amazon
amazon
Medium: krb5
2015-05-05 15:44:00
centos
centos
krb5 security update
2015-04-09 11:47:52
krb5 security update
2015-03-17 13:28:30
ubuntucve
ubuntucve
debiancve
debiancve
prion
prion
cve
cve
attackerkb
attackerkb
Microsoft Internet Explorer Use-After-Free Vulnerability
2014-10-15 00:00:00
gentoo
gentoo
MIT Kerberos 5: User-assisted execution of arbitrary code
2014-12-31 00:00:00
Related for OPENSUSE-2015-128.NASL