ID ORACLELINUX_ELSA-2018-0666.NASL Type nessus Reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2019-12-02T00:00:00
Description
From Red Hat Security Advisory 2018:0666 :
An update for krb5 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
Kerberos is a network authentication system, which can improve the
security of your network by eliminating the insecure practice of
sending passwords over the network in unencrypted form. It allows
clients and servers to authenticate to each other with the help of a
trusted third party, the Kerberos key distribution center (KDC).
Security Fix(es) :
krb5: Authentication bypass by improper validation of certificate
EKU and SAN (CVE-2017-7562)
krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure
(CVE-2017-11368)
For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.
Additional Changes :
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.5 Release Notes linked from the References section.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2018:0666 and
# Oracle Linux Security Advisory ELSA-2018-0666 respectively.
#
include("compat.inc");
if (description)
{
script_id(109104);
script_version("1.2");
script_cvs_date("Date: 2019/09/27 13:00:38");
script_cve_id("CVE-2017-11368", "CVE-2017-7562");
script_xref(name:"RHSA", value:"2018:0666");
script_name(english:"Oracle Linux 7 : krb5 (ELSA-2018-0666)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Oracle Linux host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"From Red Hat Security Advisory 2018:0666 :
An update for krb5 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
Kerberos is a network authentication system, which can improve the
security of your network by eliminating the insecure practice of
sending passwords over the network in unencrypted form. It allows
clients and servers to authenticate to each other with the help of a
trusted third party, the Kerberos key distribution center (KDC).
Security Fix(es) :
* krb5: Authentication bypass by improper validation of certificate
EKU and SAN (CVE-2017-7562)
* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure
(CVE-2017-11368)
For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.
Additional Changes :
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.5 Release Notes linked from the References section."
);
script_set_attribute(
attribute:"see_also",
value:"https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html"
);
script_set_attribute(attribute:"solution", value:"Update the affected krb5 packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-pkinit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-server-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-workstation");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libkadm5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/09");
script_set_attribute(attribute:"patch_publication_date", value:"2018/04/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/18");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Oracle Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
flag = 0;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"krb5-devel-1.15.1-18.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"krb5-libs-1.15.1-18.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"krb5-pkinit-1.15.1-18.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"krb5-server-1.15.1-18.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"krb5-server-ldap-1.15.1-18.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"krb5-workstation-1.15.1-18.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libkadm5-1.15.1-18.el7")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc");
}
{"id": "ORACLELINUX_ELSA-2018-0666.NASL", "bulletinFamily": "scanner", "title": "Oracle Linux 7 : krb5 (ELSA-2018-0666)", "description": "From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.", "published": "2018-04-18T00:00:00", "modified": "2019-12-02T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/109104", "reporter": "This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html"], "cvelist": ["CVE-2017-7562", "CVE-2017-11368"], "type": "nessus", "lastseen": "2019-12-13T08:43:12", "history": [{"lastseen": "2019-11-01T03:15:33", "edition": 7, "differentElements": ["modified"], "bulletin": {"lastseen": "2019-11-01T03:15:33", "references": ["https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html"], "pluginID": "109104", "description": "From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.", "edition": 7, "reporter": "This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "history": [], "published": "2018-04-18T00:00:00", "enchantments": {"score": {"modified": "2019-11-01T03:15:33", "vector": "NONE", "value": 5.5}, "dependencies": {"references": [{"idList": ["ELSA-2018-0666"], "type": "oraclelinux"}, {"idList": ["ALAS-2018-1010"], "type": "amazon"}, {"idList": ["3F3837CC-48FB-4414-AA46-5B1C23C9FEAE"], "type": "freebsd"}, {"idList": ["RHSA-2018:0666"], "type": "redhat"}, {"idList": ["OPENVAS:1361412562310873117", "OPENVAS:1361412562310891058", "OPENVAS:1361412562310872908", "OPENVAS:1361412562310872921"], "type": "openvas"}, {"idList": ["CENTOS_RHSA-2018-0666.NASL", "EULEROS_SA-2018-1354.NASL", "REDHAT-RHSA-2018-0666.NASL", "EULEROS_SA-2019-1167.NASL", "EULEROS_SA-2018-1361.NASL", "SL_20180410_KRB5_ON_SL7_X.NASL", "AL2_ALAS-2018-1010.NASL", "NEWSTART_CGSL_NS-SA-2019-0025_KRB5.NASL", "EULEROS_SA-2018-1408.NASL", "ALA_ALAS-2018-1010.NASL"], "type": "nessus"}, {"idList": ["CESA-2018:0666"], "type": "centos"}, {"idList": ["DEBIAN:DLA-1058-1:90E67"], "type": "debian"}, {"idList": ["CVE-2017-7562", "CVE-2017-11368"], "type": "cve"}], "modified": "2019-11-01T03:15:33"}}, "title": "Oracle Linux 7 : krb5 (ELSA-2018-0666)", "type": "nessus", "objectVersion": "1.3", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7562", "CVE-2017-11368"], "cpe": ["p-cpe:/a:oracle:linux:krb5-libs", "p-cpe:/a:oracle:linux:krb5-server", "p-cpe:/a:oracle:linux:krb5-pkinit", "p-cpe:/a:oracle:linux:libkadm5", "p-cpe:/a:oracle:linux:krb5-devel", "p-cpe:/a:oracle:linux:krb5-server-ldap", "p-cpe:/a:oracle:linux:krb5-workstation", "cpe:/o:oracle:linux:7"], "modified": "2019-11-02T00:00:00", "href": "https://www.tenable.com/plugins/nessus/109104", "id": "ORACLELINUX_ELSA-2018-0666.NASL", "viewCount": 1, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:0666 and \n# Oracle Linux Security Advisory ELSA-2018-0666 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109104);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/09/27 13:00:38\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"RHSA\", value:\"2018:0666\");\n\n script_name(english:\"Oracle Linux 7 : krb5 (ELSA-2018-0666)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "hashmap": [{"hash": "abcf9266f425f12dda38f529cd4a94bc", "key": "modified"}, {"hash": "3a24dfd360218a9ca36afb3843751b95", "key": "cvss"}, {"hash": "589622fb3974db41fbe4a37b78d8585c", "key": "pluginID"}, {"hash": "f6c47e0245d08f9f0d7def92603f8841", "key": "href"}, {"hash": "d4a639c33adeadb99f231cff21e8e38c", "key": "cvelist"}, {"hash": "b02b9daba2407c9f40b2c4c3cce3a8f7", "key": "sourceData"}, {"hash": "c6188b6304a8eb8be8235ccba7cabead", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "0975adf19adb993cc2dc44ea6b27d31e", "key": "reporter"}, {"hash": "25f2ecc6f92a9662b132ddef240a331a", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "36b265621094474f46850dab800d5cfd", "key": "cpe"}, {"hash": "bdd24f4bf4a564ed43bb109c883f8be9", "key": "references"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "published"}], "hash": "a56776edc2df74e6c1dfa500231a7bd8006e2a35946fa270a21dd3751dc66ad9"}}, {"lastseen": "2018-08-30T19:57:28", "edition": 2, "differentElements": ["cvss"], "bulletin": {"lastseen": "2018-08-30T19:57:28", "references": ["https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html"], "pluginID": "109104", "description": "From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.", "edition": 2, "reporter": "Tenable", "history": [], "published": "2018-04-18T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Oracle Linux 7 : krb5 (ELSA-2018-0666)", "type": "nessus", "objectVersion": "1.3", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7562", "CVE-2017-11368"], "cpe": ["p-cpe:/a:oracle:linux:krb5-libs", "p-cpe:/a:oracle:linux:krb5-server", "p-cpe:/a:oracle:linux:krb5-pkinit", "p-cpe:/a:oracle:linux:libkadm5", "p-cpe:/a:oracle:linux:krb5-devel", "p-cpe:/a:oracle:linux:krb5-server-ldap", "p-cpe:/a:oracle:linux:krb5-workstation", "cpe:/o:oracle:linux:7"], "modified": "2018-04-18T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109104", "id": "ORACLELINUX_ELSA-2018-0666.NASL", "viewCount": 0, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:0666 and \n# Oracle Linux Security Advisory ELSA-2018-0666 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109104);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/04/18 11:50:33\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"RHSA\", value:\"2018:0666\");\n\n script_name(english:\"Oracle Linux 7 : krb5 (ELSA-2018-0666)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}, "hashmap": [{"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "modified"}, {"hash": "589622fb3974db41fbe4a37b78d8585c", "key": "pluginID"}, {"hash": "4b9b81b974dc7fbb0431dc8482213afd", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d4a639c33adeadb99f231cff21e8e38c", "key": "cvelist"}, {"hash": "caad9cd0d1dc0dae85a43d3bdb790eae", "key": "href"}, {"hash": "c6188b6304a8eb8be8235ccba7cabead", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "36b265621094474f46850dab800d5cfd", "key": "cpe"}, {"hash": "bdd24f4bf4a564ed43bb109c883f8be9", "key": "references"}, {"hash": "ec859622917917a5936fd5242800f06c", "key": "sourceData"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "published"}], "hash": "68b467d9bf1ee53346a8b3603144012c0b1542d55ba4ed5ea45d421ed809098b"}}, {"lastseen": "2019-02-21T01:38:21", "edition": 5, "differentElements": ["cvss", "description", "reporter", "modified", "sourceData", "href"], "bulletin": {"lastseen": "2019-02-21T01:38:21", "references": ["https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html"], "pluginID": "109104", "description": "From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.", "edition": 5, "reporter": "Tenable", "history": [], "published": "2018-04-18T00:00:00", "enchantments": {"score": {"modified": "2019-02-21T01:38:21", "vector": "NONE", "value": 5.6}, "dependencies": {"references": [{"idList": ["ELSA-2018-0666"], "type": "oraclelinux"}, {"idList": ["ALAS-2018-1010"], "type": "amazon"}, {"idList": ["3F3837CC-48FB-4414-AA46-5B1C23C9FEAE"], "type": "freebsd"}, {"idList": ["RHSA-2018:0666"], "type": "redhat"}, {"idList": ["CENTOS_RHSA-2018-0666.NASL", "EULEROS_SA-2018-1354.NASL", "REDHAT-RHSA-2018-0666.NASL", "FEDORA_2017-8E9D9771C4.NASL", "EULEROS_SA-2018-1361.NASL", "SL_20180410_KRB5_ON_SL7_X.NASL", "AL2_ALAS-2018-1010.NASL", "FEDORA_2017-71C47E1E82.NASL", "EULEROS_SA-2018-1408.NASL", "ALA_ALAS-2018-1010.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310873117", "OPENVAS:1361412562310891058", "OPENVAS:1361412562310872908", "OPENVAS:1361412562310872921"], "type": "openvas"}, {"idList": ["CESA-2018:0666"], "type": "centos"}, {"idList": ["DEBIAN:DLA-1058-1:90E67"], "type": "debian"}, {"idList": ["CVE-2017-7562", "CVE-2017-11368"], "type": "cve"}], "modified": "2019-02-21T01:38:21"}}, "title": "Oracle Linux 7 : krb5 (ELSA-2018-0666)", "type": "nessus", "objectVersion": "1.3", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7562", "CVE-2017-11368"], "cpe": ["p-cpe:/a:oracle:linux:krb5-libs", "p-cpe:/a:oracle:linux:krb5-server", "p-cpe:/a:oracle:linux:krb5-pkinit", "p-cpe:/a:oracle:linux:libkadm5", "p-cpe:/a:oracle:linux:krb5-devel", "p-cpe:/a:oracle:linux:krb5-server-ldap", "p-cpe:/a:oracle:linux:krb5-workstation", "cpe:/o:oracle:linux:7"], "modified": "2018-04-18T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109104", "id": "ORACLELINUX_ELSA-2018-0666.NASL", "viewCount": 1, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:0666 and \n# Oracle Linux Security Advisory ELSA-2018-0666 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109104);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/04/18 11:50:33\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"RHSA\", value:\"2018:0666\");\n\n script_name(english:\"Oracle Linux 7 : krb5 (ELSA-2018-0666)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "hashmap": [{"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "modified"}, {"hash": "589622fb3974db41fbe4a37b78d8585c", "key": "pluginID"}, {"hash": "4b9b81b974dc7fbb0431dc8482213afd", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d4a639c33adeadb99f231cff21e8e38c", "key": "cvelist"}, {"hash": "caad9cd0d1dc0dae85a43d3bdb790eae", "key": "href"}, {"hash": "c6188b6304a8eb8be8235ccba7cabead", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "36b265621094474f46850dab800d5cfd", "key": "cpe"}, {"hash": "bdd24f4bf4a564ed43bb109c883f8be9", "key": "references"}, {"hash": "ec859622917917a5936fd5242800f06c", "key": "sourceData"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "published"}], "hash": "31d65d71ac0b36efa40449f3cb6465cec0cf7c62374976a7cc04ec3ab6c7fe28"}}, {"lastseen": "2018-04-19T00:13:24", "edition": 1, "differentElements": ["cvss"], "bulletin": {"lastseen": "2018-04-19T00:13:24", "references": ["https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html"], "pluginID": "109104", "description": "From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.", "edition": 1, "reporter": "Tenable", "history": [], "published": "2018-04-18T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Oracle Linux 7 : krb5 (ELSA-2018-0666)", "type": "nessus", "objectVersion": "1.3", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7562", "CVE-2017-11368"], "cpe": ["p-cpe:/a:oracle:linux:krb5-libs", "p-cpe:/a:oracle:linux:krb5-server", "p-cpe:/a:oracle:linux:krb5-pkinit", "p-cpe:/a:oracle:linux:libkadm5", "p-cpe:/a:oracle:linux:krb5-devel", "p-cpe:/a:oracle:linux:krb5-server-ldap", "p-cpe:/a:oracle:linux:krb5-workstation", "cpe:/o:oracle:linux:7"], "modified": "2018-04-18T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109104", "id": "ORACLELINUX_ELSA-2018-0666.NASL", "viewCount": 0, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:0666 and \n# Oracle Linux Security Advisory ELSA-2018-0666 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109104);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/04/18 11:50:33\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"RHSA\", value:\"2018:0666\");\n\n script_name(english:\"Oracle Linux 7 : krb5 (ELSA-2018-0666)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "hashmap": [{"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "modified"}, {"hash": "589622fb3974db41fbe4a37b78d8585c", "key": "pluginID"}, {"hash": "4b9b81b974dc7fbb0431dc8482213afd", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d4a639c33adeadb99f231cff21e8e38c", "key": "cvelist"}, {"hash": "caad9cd0d1dc0dae85a43d3bdb790eae", "key": "href"}, {"hash": "c6188b6304a8eb8be8235ccba7cabead", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "36b265621094474f46850dab800d5cfd", "key": "cpe"}, {"hash": "bdd24f4bf4a564ed43bb109c883f8be9", "key": "references"}, {"hash": "ec859622917917a5936fd5242800f06c", "key": "sourceData"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "published"}], "hash": "31d65d71ac0b36efa40449f3cb6465cec0cf7c62374976a7cc04ec3ab6c7fe28"}}, {"lastseen": "2018-09-02T00:09:11", "edition": 3, "differentElements": ["description"], "bulletin": {"lastseen": "2018-09-02T00:09:11", "references": ["https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html"], "pluginID": "109104", "description": "From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.", "edition": 3, "reporter": "Tenable", "history": [], "published": "2018-04-18T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Oracle Linux 7 : krb5 (ELSA-2018-0666)", "type": "nessus", "objectVersion": "1.3", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7562", "CVE-2017-11368"], "cpe": ["p-cpe:/a:oracle:linux:krb5-libs", "p-cpe:/a:oracle:linux:krb5-server", "p-cpe:/a:oracle:linux:krb5-pkinit", "p-cpe:/a:oracle:linux:libkadm5", "p-cpe:/a:oracle:linux:krb5-devel", "p-cpe:/a:oracle:linux:krb5-server-ldap", "p-cpe:/a:oracle:linux:krb5-workstation", "cpe:/o:oracle:linux:7"], "modified": "2018-04-18T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109104", "id": "ORACLELINUX_ELSA-2018-0666.NASL", "viewCount": 0, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:0666 and \n# Oracle Linux Security Advisory ELSA-2018-0666 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109104);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/04/18 11:50:33\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"RHSA\", value:\"2018:0666\");\n\n script_name(english:\"Oracle Linux 7 : krb5 (ELSA-2018-0666)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "hashmap": [{"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "modified"}, {"hash": "589622fb3974db41fbe4a37b78d8585c", "key": "pluginID"}, {"hash": "4b9b81b974dc7fbb0431dc8482213afd", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d4a639c33adeadb99f231cff21e8e38c", "key": "cvelist"}, {"hash": "caad9cd0d1dc0dae85a43d3bdb790eae", "key": "href"}, {"hash": "c6188b6304a8eb8be8235ccba7cabead", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "36b265621094474f46850dab800d5cfd", "key": "cpe"}, {"hash": "bdd24f4bf4a564ed43bb109c883f8be9", "key": "references"}, {"hash": "ec859622917917a5936fd5242800f06c", "key": "sourceData"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "published"}], "hash": "31d65d71ac0b36efa40449f3cb6465cec0cf7c62374976a7cc04ec3ab6c7fe28"}}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "36b265621094474f46850dab800d5cfd"}, {"key": "cvelist", "hash": "d4a639c33adeadb99f231cff21e8e38c"}, {"key": "cvss", "hash": "3a24dfd360218a9ca36afb3843751b95"}, {"key": "description", "hash": "25f2ecc6f92a9662b132ddef240a331a"}, {"key": "href", "hash": "f6c47e0245d08f9f0d7def92603f8841"}, {"key": "modified", "hash": "5a7504dfe859a7ccbaf560628f6442ad"}, {"key": "naslFamily", "hash": "e31ed89ab0cbb68ce2c40f17ec1e5483"}, {"key": "pluginID", "hash": "589622fb3974db41fbe4a37b78d8585c"}, {"key": "published", "hash": "5ba3c9d875bfe1d4088cbfd233ef0c85"}, {"key": "references", "hash": "bdd24f4bf4a564ed43bb109c883f8be9"}, {"key": "reporter", "hash": "0975adf19adb993cc2dc44ea6b27d31e"}, {"key": "sourceData", "hash": "b02b9daba2407c9f40b2c4c3cce3a8f7"}, {"key": "title", "hash": "c6188b6304a8eb8be8235ccba7cabead"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "9bc9026c4015de7712eed3d8f70d1affdc9f06a700fd0440a9e27200b096eb4f", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"idList": ["ELSA-2018-0666"], "type": "oraclelinux"}, {"idList": ["ALAS-2018-1010"], "type": "amazon"}, {"idList": ["3F3837CC-48FB-4414-AA46-5B1C23C9FEAE"], "type": "freebsd"}, {"idList": ["RHSA-2018:0666"], "type": "redhat"}, {"idList": ["OPENVAS:1361412562310873117", "OPENVAS:1361412562310891058", "OPENVAS:1361412562310872908", "OPENVAS:1361412562310872921"], "type": "openvas"}, {"idList": ["CENTOS_RHSA-2018-0666.NASL", "EULEROS_SA-2018-1354.NASL", "REDHAT-RHSA-2018-0666.NASL", "EULEROS_SA-2019-1167.NASL", "EULEROS_SA-2018-1361.NASL", "SL_20180410_KRB5_ON_SL7_X.NASL", "AL2_ALAS-2018-1010.NASL", "NEWSTART_CGSL_NS-SA-2019-0025_KRB5.NASL", "EULEROS_SA-2018-1408.NASL", "ALA_ALAS-2018-1010.NASL"], "type": "nessus"}, {"idList": ["CESA-2018:0666"], "type": "centos"}, {"idList": ["DEBIAN:DLA-1058-1:90E67"], "type": "debian"}, {"idList": ["CVE-2017-7562", "CVE-2017-11368"], "type": "cve"}], "modified": "2019-11-01T03:15:33"}, "score": {"value": 5.5, "vector": "NONE", "modified": "2019-11-01T03:15:33"}, "vulnersScore": 5.5}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:0666 and \n# Oracle Linux Security Advisory ELSA-2018-0666 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109104);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/09/27 13:00:38\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"RHSA\", value:\"2018:0666\");\n\n script_name(english:\"Oracle Linux 7 : krb5 (ELSA-2018-0666)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:0666 :\n\nAn update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-April/007610.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "pluginID": "109104", "cpe": ["p-cpe:/a:oracle:linux:krb5-libs", "p-cpe:/a:oracle:linux:krb5-server", "p-cpe:/a:oracle:linux:krb5-pkinit", "p-cpe:/a:oracle:linux:libkadm5", "p-cpe:/a:oracle:linux:krb5-devel", "p-cpe:/a:oracle:linux:krb5-server-ldap", "p-cpe:/a:oracle:linux:krb5-workstation", "cpe:/o:oracle:linux:7"], "scheme": null}
{"cve": [{"lastseen": "2019-11-19T12:52:56", "bulletinFamily": "NVD", "description": "An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.", "modified": "2019-10-09T23:29:00", "id": "CVE-2017-7562", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7562", "published": "2018-07-26T15:29:00", "title": "CVE-2017-7562", "type": "cve", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2019-10-04T12:18:47", "bulletinFamily": "NVD", "description": "In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.", "modified": "2019-10-03T00:03:00", "id": "CVE-2017-11368", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11368", "published": "2017-08-09T18:29:00", "title": "CVE-2017-11368", "type": "cve", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2019-12-13T06:39:16", "bulletinFamily": "scanner", "description": "A denial of service flaw was found in MIT Kerberos krb5kdc service. An\nauthenticated attacker could use this flaw to cause krb5kdc to exit\nwith an assertion failure by making an invalid S4U2Self or S4U2Proxy\nrequest.(CVE-2017-11368)\n\nAn authentication bypass flaw was found in the way krb5", "modified": "2019-12-02T00:00:00", "id": "ALA_ALAS-2018-1010.NASL", "href": "https://www.tenable.com/plugins/nessus/117342", "published": "2018-09-07T00:00:00", "title": "Amazon Linux AMI : krb5 (ALAS-2018-1010)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1010.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117342);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/09/07 17:03:10\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"ALAS\", value:\"2018-1010\");\n\n script_name(english:\"Amazon Linux AMI : krb5 (ALAS-2018-1010)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in MIT Kerberos krb5kdc service. An\nauthenticated attacker could use this flaw to cause krb5kdc to exit\nwith an assertion failure by making an invalid S4U2Self or S4U2Proxy\nrequest.(CVE-2017-11368)\n\nAn authentication bypass flaw was found in the way krb5's certauth\ninterface handled the validation of client certificates. A remote\nattacker able to communicate with the KDC could potentially use this\nflaw to impersonate arbitrary principals under rare and erroneous\ncircumstances.(CVE-2017-7562)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1010.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update krb5' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-pkinit-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"krb5-debuginfo-1.15.1-19.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-devel-1.15.1-19.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-libs-1.15.1-19.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-pkinit-openssl-1.15.1-19.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-server-1.15.1-19.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-server-ldap-1.15.1-19.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"krb5-workstation-1.15.1-19.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libkadm5-1.15.1-19.43.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-pkinit-openssl / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T06:24:52", "bulletinFamily": "scanner", "description": "According to the versions of the krb5 packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An authentication bypass flaw was found in the way\n krb5", "modified": "2019-12-02T00:00:00", "id": "EULEROS_SA-2019-1167.NASL", "href": "https://www.tenable.com/plugins/nessus/123853", "published": "2019-04-09T00:00:00", "title": "EulerOS Virtualization 2.5.3 : krb5 (EulerOS-SA-2019-1167)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123853);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/10/22 10:44:44\");\n\n script_cve_id(\n \"CVE-2017-11368\",\n \"CVE-2017-7562\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : krb5 (EulerOS-SA-2019-1167)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the krb5 packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An authentication bypass flaw was found in the way\n krb5's certauth interface handled the validation of\n client certificates. A remote attacker able to\n communicate with the KDC could potentially use this\n flaw to impersonate arbitrary principals under rare and\n erroneous circumstances. (CVE-2017-7562)\n\n - A denial of service flaw was found in MIT Kerberos\n krb5kdc service. An authenticated attacker could use\n this flaw to cause krb5kdc to exit with an assertion\n failure by making an invalid S4U2Self or S4U2Proxy\n request.(CVE-2017-11368)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1167\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?53a36562\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"krb5-devel-1.15.1-19.h1\",\n \"krb5-libs-1.15.1-19.h1\",\n \"krb5-pkinit-1.15.1-19.h1\",\n \"krb5-server-1.15.1-19.h1\",\n \"krb5-workstation-1.15.1-19.h1\",\n \"libkadm5-1.15.1-19.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T06:37:51", "bulletinFamily": "scanner", "description": "Authentication bypass by improper validation of certificate EKU and\nSAN\n\nAn authentication bypass flaw was found in the way krb5", "modified": "2019-12-02T00:00:00", "id": "AL2_ALAS-2018-1010.NASL", "href": "https://www.tenable.com/plugins/nessus/109689", "published": "2018-05-11T00:00:00", "title": "Amazon Linux 2 : krb5 (ALAS-2018-1010)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1010.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109689);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/05/11 12:23:24\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"ALAS\", value:\"2018-1010\");\n\n script_name(english:\"Amazon Linux 2 : krb5 (ALAS-2018-1010)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Authentication bypass by improper validation of certificate EKU and\nSAN\n\nAn authentication bypass flaw was found in the way krb5's certauth\ninterface handled the validation of client certificates. A remote\nattacker able to communicate with the KDC could potentially use this\nflaw to impersonate arbitrary principals under rare and erroneous\ncircumstances.(CVE-2017-7562)\n\nInvalid S4U2Self or S4U2Proxy request causes assertion failure\n\nA denial of service flaw was found in MIT Kerberos krb5kdc service. An\nauthenticated attacker could use this flaw to cause krb5kdc to exit\nwith an assertion failure by making an invalid S4U2Self or S4U2Proxy\nrequest.( CVE-2017-11368)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1010.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update krb5' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"krb5-debuginfo-1.15.1-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-19.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T09:14:48", "bulletinFamily": "scanner", "description": "Security Fix(es) :\n\n - krb5: Authentication bypass by improper validation of\n certificate EKU and SAN (CVE-2017-7562)\n\n - krb5: Invalid S4U2Self or S4U2Proxy request causes\n assertion failure (CVE-2017-11368)\n\nAdditional Changes :", "modified": "2019-12-02T00:00:00", "id": "SL_20180410_KRB5_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/109450", "published": "2018-05-01T00:00:00", "title": "Scientific Linux Security Update : krb5 on SL7.x x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109450);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/12/27 10:05:37\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n\n script_name(english:\"Scientific Linux Security Update : krb5 on SL7.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - krb5: Authentication bypass by improper validation of\n certificate EKU and SAN (CVE-2017-7562)\n\n - krb5: Invalid S4U2Self or S4U2Proxy request causes\n assertion failure (CVE-2017-11368)\n\nAdditional Changes :\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1804&L=scientific-linux-errata&F=&S=&P=10862\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0de76a81\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"krb5-debuginfo-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T06:42:52", "bulletinFamily": "scanner", "description": "An update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.", "modified": "2019-12-02T00:00:00", "id": "CENTOS_RHSA-2018-0666.NASL", "href": "https://www.tenable.com/plugins/nessus/109370", "published": "2018-04-27T00:00:00", "title": "CentOS 7 : krb5 (CESA-2018:0666)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:0666 and \n# CentOS Errata and Security Advisory 2018:0666 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109370);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/10/02 15:30:21\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"RHSA\", value:\"2018:0666\");\n\n script_name(english:\"CentOS 7 : krb5 (CESA-2018:0666)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2018-April/004883.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5c96c83a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T06:24:01", "bulletinFamily": "scanner", "description": "According to the versions of the krb5 packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An authentication bypass flaw was found in the way\n krb5", "modified": "2019-12-02T00:00:00", "id": "EULEROS_SA-2018-1408.NASL", "href": "https://www.tenable.com/plugins/nessus/119897", "published": "2018-12-28T00:00:00", "title": "EulerOS Virtualization 2.5.2 : krb5 (EulerOS-SA-2018-1408)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119897);\n script_version(\"1.28\");\n script_cvs_date(\"Date: 2019/09/17 12:00:08\");\n\n script_cve_id(\n \"CVE-2017-11368\",\n \"CVE-2017-7562\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.2 : krb5 (EulerOS-SA-2018-1408)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the krb5 packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An authentication bypass flaw was found in the way\n krb5's certauth interface before 1.16.1 handled the\n validation of client certificates. A remote attacker\n able to communicate with the KDC could potentially use\n this flaw to impersonate arbitrary principals under\n rare and erroneous circumstances.(CVE-2017-7562)\n\n - In MIT Kerberos 5 (aka krb5) 1.7 and later, an\n authenticated attacker can cause a KDC assertion\n failure by sending invalid S4U2Self or S4U2Proxy\n requests.(CVE-2017-11368)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1408\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43c304ea\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"krb5-devel-1.15.1-19.h1\",\n \"krb5-libs-1.15.1-19.h1\",\n \"krb5-pkinit-1.15.1-19.h1\",\n \"krb5-server-1.15.1-19.h1\",\n \"krb5-workstation-1.15.1-19.h1\",\n \"libkadm5-1.15.1-19.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T06:23:52", "bulletinFamily": "scanner", "description": "According to the versions of the krb5 packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A denial of service flaw was found in MIT Kerberos\n krb5kdc service. An authenticated attacker could use\n this flaw to cause krb5kdc to exit with an assertion\n failure by making an invalid S4U2Self or S4U2Proxy\n request.(CVE-2017-11368)\n\n - An authentication bypass flaw was found in the way\n krb5", "modified": "2019-12-02T00:00:00", "id": "EULEROS_SA-2018-1354.NASL", "href": "https://www.tenable.com/plugins/nessus/118737", "published": "2018-11-06T00:00:00", "title": "EulerOS 2.0 SP2 : krb5 (EulerOS-SA-2018-1354)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118737);\n script_version(\"1.34\");\n script_cvs_date(\"Date: 2019/09/11 11:22:11\");\n\n script_cve_id(\n \"CVE-2017-11368\",\n \"CVE-2017-7562\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : krb5 (EulerOS-SA-2018-1354)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the krb5 packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A denial of service flaw was found in MIT Kerberos\n krb5kdc service. An authenticated attacker could use\n this flaw to cause krb5kdc to exit with an assertion\n failure by making an invalid S4U2Self or S4U2Proxy\n request.(CVE-2017-11368)\n\n - An authentication bypass flaw was found in the way\n krb5's certauth interface handled the validation of\n client certificates. A remote attacker able to\n communicate with the KDC could potentially use this\n flaw to impersonate arbitrary principals under rare and\n erroneous circumstances.(CVE-2017-7562)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1354\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7645968a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"krb5-devel-1.15.1-19.h1\",\n \"krb5-libs-1.15.1-19.h1\",\n \"krb5-pkinit-1.15.1-19.h1\",\n \"krb5-server-1.15.1-19.h1\",\n \"krb5-server-ldap-1.15.1-19.h1\",\n \"krb5-workstation-1.15.1-19.h1\",\n \"libkadm5-1.15.1-19.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T06:23:52", "bulletinFamily": "scanner", "description": "According to the versions of the krb5 packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A denial of service flaw was found in MIT Kerberos\n krb5kdc service. An authenticated attacker could use\n this flaw to cause krb5kdc to exit with an assertion\n failure by making an invalid S4U2Self or S4U2Proxy\n request.(CVE-2017-11368)\n\n - An authentication bypass flaw was found in the way\n krb5", "modified": "2019-12-02T00:00:00", "id": "EULEROS_SA-2018-1361.NASL", "href": "https://www.tenable.com/plugins/nessus/118755", "published": "2018-11-07T00:00:00", "title": "EulerOS 2.0 SP3 : krb5 (EulerOS-SA-2018-1361)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118755);\n script_version(\"1.37\");\n script_cvs_date(\"Date: 2019/09/03 10:57:21\");\n\n script_cve_id(\n \"CVE-2017-11368\",\n \"CVE-2017-7562\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : krb5 (EulerOS-SA-2018-1361)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the krb5 packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A denial of service flaw was found in MIT Kerberos\n krb5kdc service. An authenticated attacker could use\n this flaw to cause krb5kdc to exit with an assertion\n failure by making an invalid S4U2Self or S4U2Proxy\n request.(CVE-2017-11368)\n\n - An authentication bypass flaw was found in the way\n krb5's certauth interface handled the validation of\n client certificates. A remote attacker able to\n communicate with the KDC could potentially use this\n flaw to impersonate arbitrary principals under rare and\n erroneous circumstances.(CVE-2017-7562)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1361\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?de11b1d4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"krb5-devel-1.15.1-19.h1\",\n \"krb5-libs-1.15.1-19.h1\",\n \"krb5-pkinit-1.15.1-19.h1\",\n \"krb5-server-1.15.1-19.h1\",\n \"krb5-server-ldap-1.15.1-19.h1\",\n \"krb5-workstation-1.15.1-19.h1\",\n \"libkadm5-1.15.1-19.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T08:58:10", "bulletinFamily": "scanner", "description": "An update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.", "modified": "2019-12-02T00:00:00", "id": "REDHAT-RHSA-2018-0666.NASL", "href": "https://www.tenable.com/plugins/nessus/108983", "published": "2018-04-11T00:00:00", "title": "RHEL 7 : krb5 (RHSA-2018:0666)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:0666. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108983);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/24 15:35:44\");\n\n script_cve_id(\"CVE-2017-11368\", \"CVE-2017-7562\");\n script_xref(name:\"RHSA\", value:\"2018:0666\");\n\n script_name(english:\"RHEL 7 : krb5 (RHSA-2018:0666)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for krb5 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKerberos is a network authentication system, which can improve the\nsecurity of your network by eliminating the insecure practice of\nsending passwords over the network in unencrypted form. It allows\nclients and servers to authenticate to each other with the help of a\ntrusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es) :\n\n* krb5: Authentication bypass by improper validation of certificate\nEKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure\n(CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dde41582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:0666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-11368\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libkadm5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:0666\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"krb5-debuginfo-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"krb5-devel-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"krb5-libs-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"krb5-pkinit-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"krb5-server-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"krb5-server-ldap-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"krb5-workstation-1.15.1-18.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libkadm5-1.15.1-18.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-pkinit / krb5-server / etc\");\n }\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T08:10:28", "bulletinFamily": "scanner", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has krb5 packages installed that are affected by\nmultiple vulnerabilities:\n\n - An authentication bypass flaw was found in the way\n krb5", "modified": "2019-12-02T00:00:00", "id": "NEWSTART_CGSL_NS-SA-2019-0025_KRB5.NASL", "href": "https://www.tenable.com/plugins/nessus/127186", "published": "2019-08-12T00:00:00", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : krb5 Multiple Vulnerabilities (NS-SA-2019-0025)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0025. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127186);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/10/17 14:31:04\");\n\n script_cve_id(\"CVE-2017-7562\", \"CVE-2017-11368\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : krb5 Multiple Vulnerabilities (NS-SA-2019-0025)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has krb5 packages installed that are affected by\nmultiple vulnerabilities:\n\n - An authentication bypass flaw was found in the way\n krb5's certauth interface handled the validation of\n client certificates. A remote attacker able to\n communicate with the KDC could potentially use this flaw\n to impersonate arbitrary principals under rare and\n erroneous circumstances. (CVE-2017-7562)\n\n - A denial of service flaw was found in MIT Kerberos\n krb5kdc service. An authenticated attacker could use\n this flaw to cause krb5kdc to exit with an assertion\n failure by making an invalid S4U2Self or S4U2Proxy\n request. (CVE-2017-11368)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0025\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL krb5 packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7562\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"krb5-debuginfo-1.15.1-19.el7\",\n \"krb5-devel-1.15.1-19.el7\",\n \"krb5-libs-1.15.1-19.el7\",\n \"krb5-pkinit-1.15.1-19.el7\",\n \"krb5-server-1.15.1-19.el7\",\n \"krb5-server-ldap-1.15.1-19.el7\",\n \"krb5-workstation-1.15.1-19.el7\",\n \"libkadm5-1.15.1-19.el7\"\n ],\n \"CGSL MAIN 5.04\": [\n \"krb5-debuginfo-1.15.1-19.el7\",\n \"krb5-devel-1.15.1-19.el7\",\n \"krb5-libs-1.15.1-19.el7\",\n \"krb5-pkinit-1.15.1-19.el7\",\n \"krb5-server-1.15.1-19.el7\",\n \"krb5-server-ldap-1.15.1-19.el7\",\n \"krb5-workstation-1.15.1-19.el7\",\n \"libkadm5-1.15.1-19.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2019-05-29T19:20:27", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA denial of service flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to exit with an assertion failure by making an invalid S4U2Self or S4U2Proxy request.([CVE-2017-11368 __](<https://access.redhat.com/security/cve/CVE-2017-11368>))\n\nAn authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.([CVE-2017-7562 __](<https://access.redhat.com/security/cve/CVE-2017-7562>))\n\n \n**Affected Packages:** \n\n\nkrb5\n\n \n**Issue Correction:** \nRun _yum update krb5_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n krb5-debuginfo-1.15.1-19.43.amzn1.i686 \n krb5-workstation-1.15.1-19.43.amzn1.i686 \n krb5-devel-1.15.1-19.43.amzn1.i686 \n krb5-pkinit-openssl-1.15.1-19.43.amzn1.i686 \n libkadm5-1.15.1-19.43.amzn1.i686 \n krb5-libs-1.15.1-19.43.amzn1.i686 \n krb5-server-1.15.1-19.43.amzn1.i686 \n krb5-server-ldap-1.15.1-19.43.amzn1.i686 \n \n src: \n krb5-1.15.1-19.43.amzn1.src \n \n x86_64: \n krb5-devel-1.15.1-19.43.amzn1.x86_64 \n krb5-server-1.15.1-19.43.amzn1.x86_64 \n krb5-debuginfo-1.15.1-19.43.amzn1.x86_64 \n krb5-workstation-1.15.1-19.43.amzn1.x86_64 \n krb5-libs-1.15.1-19.43.amzn1.x86_64 \n krb5-pkinit-openssl-1.15.1-19.43.amzn1.x86_64 \n libkadm5-1.15.1-19.43.amzn1.x86_64 \n krb5-server-ldap-1.15.1-19.43.amzn1.x86_64 \n \n \n", "modified": "2018-09-06T21:59:00", "published": "2018-09-06T21:59:00", "id": "ALAS-2018-1010", "href": "https://alas.aws.amazon.com/ALAS-2018-1010.html", "title": "Medium: krb5", "type": "amazon", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:13", "bulletinFamily": "unix", "description": "Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es):\n\n* krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.", "modified": "2018-04-10T10:40:24", "published": "2018-04-10T08:57:46", "id": "RHSA-2018:0666", "href": "https://access.redhat.com/errata/RHSA-2018:0666", "type": "redhat", "title": "(RHSA-2018:0666) Moderate: krb5 security, bug fix, and enhancement update", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:40", "bulletinFamily": "unix", "description": "[1.15.1-18]\n- Expose context errors in pkinit_server_plugin_init\n- Resolves: #1460089\n[1.15.1-17]\n- Drop certauth test changes that prevented runnig it\n- Resolves: #1498767\n[1.15.1-16]\n- Drop irrelevant DIR trigger logic\n- Resolves: #1431198\n[1.15.1-15]\n- Fix CVE-2017-7562 (certauth eku bypass)\n- Resolves: #1498767\n[1.15.1-14]\n- Fix CVE-2017-11368 (s4u2 request assertion failures)\n- Resolves: #1498768\n[1.15.1-13]\n- Force-add /etc/krb5.conf.d so we can guarantee it exists\n- Resolves: #1431198\n[1.15.1-12]\n- Add krb5 policy plugin interface\n- Remove soname downgrade\n- Resolves: #1462982\n[1.15.1-11]\n- Make t_certauth.py runnable\n- Resolves: #1443388\n[1.15.1-10]\n- Add context SSF query support\n- Resolves: #1472956\n[1.15.1-9]\n- Remove incomplete PKINIT OCSP support\n- Resolves: #1460089", "modified": "2018-04-16T00:00:00", "published": "2018-04-16T00:00:00", "id": "ELSA-2018-0666", "href": "http://linux.oracle.com/errata/ELSA-2018-0666.html", "title": "krb5 security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2019-05-29T18:35:16", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2018:0666\n\n\nKerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).\n\nSecurity Fix(es):\n\n* krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562)\n\n* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2018-April/004883.html\n\n**Affected packages:**\nkrb5-devel\nkrb5-libs\nkrb5-pkinit\nkrb5-server\nkrb5-server-ldap\nkrb5-workstation\nlibkadm5\n\n**Upstream details at:**\n", "modified": "2018-04-26T17:43:57", "published": "2018-04-26T17:43:57", "id": "CESA-2018:0666", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2018-April/004883.html", "title": "krb5, libkadm5 security update", "type": "centos", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:34:27", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-07-26T00:00:00", "id": "OPENVAS:1361412562310872921", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872921", "title": "Fedora Update for krb5 FEDORA-2017-71c47e1e82", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_71c47e1e82_krb5_fc24.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for krb5 FEDORA-2017-71c47e1e82\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872921\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-26 07:34:01 +0200 (Wed, 26 Jul 2017)\");\n script_cve_id(\"CVE-2017-11368\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for krb5 FEDORA-2017-71c47e1e82\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'krb5'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"krb5 on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-71c47e1e82\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3HBUSBOZFMX23YYOQM6LXZKMMQ3Y74QQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.14.4~5.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:34", "bulletinFamily": "scanner", "description": "In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker\ncan cause a KDC assertion failure by sending invalid S4U2Self or\nS4U2Proxy requests.", "modified": "2019-03-18T00:00:00", "published": "2018-02-07T00:00:00", "id": "OPENVAS:1361412562310891058", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891058", "title": "Debian LTS Advisory ([SECURITY] [DLA 1058-1] krb5 security update)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_dla_1058.nasl 14281 2019-03-18 14:53:48Z cfischer $\n#\n# Auto-generated from advisory DLA 1058-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891058\");\n script_version(\"$Revision: 14281 $\");\n script_cve_id(\"CVE-2017-11368\");\n script_name(\"Debian LTS Advisory ([SECURITY] [DLA 1058-1] krb5 security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:53:48 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-02-07 00:00:00 +0100 (Wed, 07 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/08/msg00010.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"krb5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n1.10.1+dfsg-5+deb7u8.\n\nWe recommend that you upgrade your krb5 packages.\");\n script_tag(name:\"summary\", value:\"In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker\ncan cause a KDC assertion failure by sending invalid S4U2Self or\nS4U2Proxy requests.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-gss-samples\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-kdc-ldap\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-locales\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-multidev\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-pkinit\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgssapi-krb5-2\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgssrpc4\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libk5crypto3\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkadm5clnt-mit8\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkadm5srv-mit8\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkdb5-6\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-3\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libkrb5support0\", ver:\"1.10.1+dfsg-5+deb7u8\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-08-04T00:00:00", "id": "OPENVAS:1361412562310873117", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873117", "title": "Fedora Update for krb5 FEDORA-2017-e5b36383f4", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_e5b36383f4_krb5_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for krb5 FEDORA-2017-e5b36383f4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873117\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-04 12:47:47 +0530 (Fri, 04 Aug 2017)\");\n script_cve_id(\"CVE-2017-11368\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for krb5 FEDORA-2017-e5b36383f4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'krb5'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"krb5 on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-e5b36383f4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.15.1~17.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:04", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-07-25T00:00:00", "id": "OPENVAS:1361412562310872908", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872908", "title": "Fedora Update for krb5 FEDORA-2017-8e9d9771c4", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_8e9d9771c4_krb5_fc25.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for krb5 FEDORA-2017-8e9d9771c4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872908\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-25 07:39:59 +0200 (Tue, 25 Jul 2017)\");\n script_cve_id(\"CVE-2017-11368\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for krb5 FEDORA-2017-8e9d9771c4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'krb5'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"krb5 on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-8e9d9771c4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.14.4~8.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:51", "bulletinFamily": "unix", "description": "From: Lucas Kanashiro <kanashiro@debian.org>\nTo: debian-lts-announce@lists.debian.org\nSubject: [SECURITY] [DLA 1058-1] krb5 security update\n\nPackage : krb5\nVersion : 1.10.1+dfsg-5+deb7u8\nCVE ID : CVE-2017-11368\nDebian Bug : 869260\n\n\nIn MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker\ncan cause a KDC assertion failure by sending invalid S4U2Self or\nS4U2Proxy requests.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.10.1+dfsg-5+deb7u8.\n\nWe recommend that you upgrade your krb5 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2017-08-14T20:48:26", "published": "2017-08-14T20:48:26", "id": "DEBIAN:DLA-1058-1:90E67", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201708/msg00010.html", "title": "[SECURITY] [DLA 1058-1] krb5 security update", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:08", "bulletinFamily": "unix", "description": "\nMIT reports:\n\nCVE-2017-11368:\nIn MIT krb5 1.7 and later, an authenticated attacker can cause an\n\t assertion failure in krb5kdc by sending an invalid S4U2Self or\n\t S4U2Proxy request.\n\n\nCVE-2017-11462:\nRFC 2744 permits a GSS-API implementation to delete an existing\n\t security context on a second or subsequent call to gss_init_sec_context()\n\t or gss_accept_sec_context() if the call results in an error.\n\t This API behavior has been found to be dangerous, leading to the\n\t possibility of memory errors in some callers. For safety, GSS-API\n\t implementations should instead preserve existing security contexts\n\t on error until the caller deletes them.\nAll versions of MIT krb5 prior to this change may delete acceptor\n\t contexts on error. Versions 1.13.4 through 1.13.7, 1.14.1 through\n\t 1.14.5, and 1.15 through 1.15.1 may also delete initiator contexts\n\t on error.\n\n", "modified": "2017-07-14T00:00:00", "published": "2017-07-14T00:00:00", "id": "3F3837CC-48FB-4414-AA46-5B1C23C9FEAE", "href": "https://vuxml.freebsd.org/freebsd/3f3837cc-48fb-4414-aa46-5b1c23c9feae.html", "title": "krb5 -- Multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}