Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2009-0410.NASL
HistoryApr 08, 2009 - 12:00 a.m.

RHEL 2.1 / 3 : krb5 (RHSA-2009:0410)

2009-04-0800:00:00
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
JSON

Updated krb5 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center (KDC).

An input validation flaw was found in the ASN.1 (Abstract Syntax Notation One) decoder used by MIT Kerberos. A remote attacker could use this flaw to crash a network service using the MIT Kerberos library, such as kadmind or krb5kdc, by causing it to dereference or free an uninitialized pointer or, possibly, execute arbitrary code with the privileges of the user running the service. (CVE-2009-0846)

All krb5 users should upgrade to these updated packages, which contain a backported patch to correct this issue. All running services using the MIT Kerberos libraries must be restarted for the update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2009:0410. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(36114);
  script_version("1.24");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2009-0844", "CVE-2009-0845", "CVE-2009-0846", "CVE-2009-0847");
  script_xref(name:"RHSA", value:"2009:0410");

  script_name(english:"RHEL 2.1 / 3 : krb5 (RHSA-2009:0410)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated krb5 packages that fix a security issue are now available for
Red Hat Enterprise Linux 2.1 and 3.

This update has been rated as having critical security impact by the
Red Hat Security Response Team.

Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third party, the Key Distribution Center (KDC).

An input validation flaw was found in the ASN.1 (Abstract Syntax
Notation One) decoder used by MIT Kerberos. A remote attacker could
use this flaw to crash a network service using the MIT Kerberos
library, such as kadmind or krb5kdc, by causing it to dereference or
free an uninitialized pointer or, possibly, execute arbitrary code
with the privileges of the user running the service. (CVE-2009-0846)

All krb5 users should upgrade to these updated packages, which contain
a backported patch to correct this issue. All running services using
the MIT Kerberos libraries must be restarted for the update to take
effect."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2009-0846"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2009:0410"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(20, 119, 189);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-workstation");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/03/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/04/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/08");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(2\.1|3)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2009:0410";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"krb5-devel-1.2.2-49")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"krb5-libs-1.2.2-49")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"krb5-server-1.2.2-49")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"krb5-workstation-1.2.2-49")) flag++;

  if (rpm_check(release:"RHEL3", reference:"krb5-devel-1.2.7-70")) flag++;
  if (rpm_check(release:"RHEL3", reference:"krb5-libs-1.2.7-70")) flag++;
  if (rpm_check(release:"RHEL3", reference:"krb5-server-1.2.7-70")) flag++;
  if (rpm_check(release:"RHEL3", reference:"krb5-workstation-1.2.7-70")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-devel / krb5-libs / krb5-server / krb5-workstation");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxkrb5-develp-cpe:/a:redhat:enterprise_linux:krb5-devel
redhatenterprise_linuxkrb5-libsp-cpe:/a:redhat:enterprise_linux:krb5-libs
redhatenterprise_linuxkrb5-serverp-cpe:/a:redhat:enterprise_linux:krb5-server
redhatenterprise_linuxkrb5-workstationp-cpe:/a:redhat:enterprise_linux:krb5-workstation
redhatenterprise_linux2.1cpe:/o:redhat:enterprise_linux:2.1
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3

Related

nessus 31
openvas 69
fedora 2
osv 1
securityvulns 7
ubuntu 1
suse 1
debian 1
oraclelinux 3
gentoo 1
vmware 4
centos 4
redhat 3
seebug 2
debiancve 4
ubuntucve 4
cve 4
veracode 3
prion 4
checkpoint_advisories 2
nessus
nessus
OracleVM 2.1 : krb5 (OVMSA-2009-0003)
2014-11-26 00:00:00
openSUSE Security Update : krb5 (krb5-740)
2009-07-21 00:00:00
CentOS 3 : krb5 (CESA-2009:0410)
2009-04-08 00:00:00
openvas
openvas
Solaris Update for krb5, gss 112908-36
2009-10-13 00:00:00
Solaris Update for Supplemental Encryption Kerberos V5 112240-14
2009-10-13 00:00:00
Solaris Update for pam_krb5.so.1 140074-09
2009-10-13 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: krb5-1.6.3-16.fc9
2009-04-07 23:23:58
[SECURITY] Fedora 10 Update: krb5-1.6.3-18.fc10
2009-04-07 23:24:17
osv
osv
krb5 - several vulnerabilities
2009-04-09 00:00:00
securityvulns
securityvulns
MIT Kerberos 5 multiple security vulnerabilities
2009-04-08 00:00:00
MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]
2009-04-08 00:00:00
MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846]
2009-04-08 00:00:00
ubuntu
ubuntu
Kerberos vulnerabilities
2009-04-07 00:00:00
suse
suse
remote code execution in krb5
2009-04-08 16:25:40
debian
debian
[SECURITY] [DSA 1766-1] New krb5 packages fix several vulnerabilities
2009-04-09 01:33:24
oraclelinux
oraclelinux
krb5 security update
2009-04-07 00:00:00
krb5 security update
2009-04-07 00:00:00
krb5 security update
2009-04-07 00:00:00
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2009-04-08 00:00:00
vmware
vmware
ESX Service Console update for krb5
2009-06-30 00:00:00
ESX Service Console update for krb5
2009-06-30 00:00:00
VMware ESXi and ESX third party updates for Service Console and Likewise components
2010-11-15 00:00:00
centos
centos
krb5 security update
2009-04-08 12:00:24
krb5 security update
2009-04-07 19:43:34
krb5 security update
2009-04-20 04:45:23
redhat
redhat
(RHSA-2009:0408) Important: krb5 security update
2009-04-07 00:00:00
(RHSA-2009:0409) Important: krb5 security update
2009-04-07 00:00:00
(RHSA-2009:0410) Critical: krb5 security update
2009-04-07 00:00:00
seebug
seebug
MIT Kerberos SPNEGOๅ’ŒASN.1ๅคšไธชๆ‹’็ปๆœๅŠกๆผๆดž
2009-04-10 00:00:00
MIT Kerberos NegTokenInitไปค็‰Œๅค„็†่ฟœ็จ‹ๆ‹’็ปๆœๅŠกๆผๆดž
2009-03-28 00:00:00
debiancve
debiancve
CVE-2009-0846
2009-04-09 00:30:00
CVE-2009-0844
2009-04-09 00:30:00
CVE-2009-0845
2009-03-27 16:30:00
ubuntucve
ubuntucve
CVE-2009-0846
2009-04-09 00:00:00
CVE-2009-0844
2009-04-09 00:00:00
CVE-2009-0845
2009-03-27 00:00:00
cve
cve
CVE-2009-0846
2009-04-09 00:30:00
CVE-2009-0844
2009-04-09 00:30:00
CVE-2009-0845
2009-03-27 16:30:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:37:20
Arbitrary Code Execution
2020-04-10 00:37:21
Denial Of Service (DoS)
2020-04-10 00:37:21
prion
prion
Buffer overflow
2009-04-09 00:30:00
Null pointer dereference
2009-04-09 00:30:00
Null pointer dereference
2009-03-27 16:30:00
checkpoint_advisories
checkpoint_advisories
MIT Kerberos ASN.1 asn1_decode_generaltime Uninitialized Pointer Reference (CVE-2009-0846)
2009-04-27 00:00:00
MIT Kerberos ASN.1 asn1_decode_generaltime Uninitialized Pointer Reference - Ver2 (CVE-2009-0846)
2014-12-28 00:00:00
JSON
Related for REDHAT-RHSA-2009-0410.NASL
nessus31openvas69fedora2osv1securityvulns7ubuntu1suse1debian1oraclelinux3gentoo1vmware4centos4redhat3seebug2debiancve4ubuntucve4cve4veracode3prion4checkpoint_advisories2