Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-5959-1.NASL
HistoryMar 16, 2023 - 12:00 a.m.

Ubuntu 18.04 LTS / 20.04 LTS : Kerberos vulnerabilities (USN-5959-1)

2023-03-1600:00:00
Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
JSON

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5959-1 advisory.

  • ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)

  • The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
    (CVE-2021-37750)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-5959-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(172631);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");

  script_cve_id("CVE-2021-36222", "CVE-2021-37750");
  script_xref(name:"USN", value:"5959-1");

  script_name(english:"Ubuntu 18.04 LTS / 20.04 LTS : Kerberos vulnerabilities (USN-5959-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as
referenced in the USN-5959-1 advisory.

  - ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before
    1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon
    crash. This occurs because a return value is not properly managed in a certain situation. (CVE-2021-36222)

  - The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has
    a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
    (CVE-2021-37750)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-5959-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-36222");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/07/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/03/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-admin-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-gss-samples");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-k5tls");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-kdc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-kdc-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-kpropd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-locales");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-multidev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-otp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-pkinit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:krb5-user");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libgssapi-krb5-2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libgssrpc4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libk5crypto3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libkadm5clnt-mit11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libkadm5srv-mit11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libkdb5-9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libkrad-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libkrad0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libkrb5-3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libkrb5-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libkrb5support0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '18.04', 'pkgname': 'krb5-admin-server', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-gss-samples', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-k5tls', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-kdc', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-kdc-ldap', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-kpropd', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-locales', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-multidev', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-otp', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-pkinit', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'krb5-user', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libgssapi-krb5-2', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libgssrpc4', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libk5crypto3', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libkadm5clnt-mit11', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libkadm5srv-mit11', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libkdb5-9', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libkrad-dev', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libkrad0', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libkrb5-3', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libkrb5-dev', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '18.04', 'pkgname': 'libkrb5support0', 'pkgver': '1.16-2ubuntu0.4'},
    {'osver': '20.04', 'pkgname': 'krb5-admin-server', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-gss-samples', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-k5tls', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-kdc', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-kdc-ldap', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-kpropd', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-locales', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-multidev', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-otp', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-pkinit', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'krb5-user', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libgssapi-krb5-2', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libgssrpc4', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libk5crypto3', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libkadm5clnt-mit11', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libkadm5srv-mit11', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libkdb5-9', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libkrad-dev', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libkrad0', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libkrb5-3', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libkrb5-dev', 'pkgver': '1.17-6ubuntu4.3'},
    {'osver': '20.04', 'pkgname': 'libkrb5support0', 'pkgver': '1.17-6ubuntu4.3'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'krb5-admin-server / krb5-gss-samples / krb5-k5tls / krb5-kdc / etc');
}
VendorProductVersionCPE
canonicalubuntu_linux18.04cpe:/o:canonical:ubuntu_linux:18.04:-:lts
canonicalubuntu_linux20.04cpe:/o:canonical:ubuntu_linux:20.04:-:lts
canonicalubuntu_linuxkrb5-admin-serverp-cpe:/a:canonical:ubuntu_linux:krb5-admin-server
canonicalubuntu_linuxkrb5-gss-samplesp-cpe:/a:canonical:ubuntu_linux:krb5-gss-samples
canonicalubuntu_linuxkrb5-k5tlsp-cpe:/a:canonical:ubuntu_linux:krb5-k5tls
canonicalubuntu_linuxkrb5-kdcp-cpe:/a:canonical:ubuntu_linux:krb5-kdc
canonicalubuntu_linuxkrb5-kdc-ldapp-cpe:/a:canonical:ubuntu_linux:krb5-kdc-ldap
canonicalubuntu_linuxkrb5-kpropdp-cpe:/a:canonical:ubuntu_linux:krb5-kpropd
canonicalubuntu_linuxkrb5-localesp-cpe:/a:canonical:ubuntu_linux:krb5-locales
canonicalubuntu_linuxkrb5-multidevp-cpe:/a:canonical:ubuntu_linux:krb5-multidev
Rows per page:
1-10 of 241

Related

nessus 46
almalinux 1
rocky 1
ubuntu 1
openvas 35
osv 6
oraclelinux 2
cloudfoundry 1
redhat 18
photon 5
altlinux 4
suse 6
cve 2
fedora 4
cbl_mariner 4
prion 2
redhatcve 2
veracode 2
ibm 4
debiancve 2
centos 1
alpinelinux 2
amazon 1
ubuntucve 3
debian 3
freebsd 1
ics 1
oracle 3
avleonov 1
nessus
nessus
Rocky Linux 8 : krb5 (RLSA-2021:3576)
2022-02-09 00:00:00
AlmaLinux 8 : krb5 (ALSA-2021:3576)
2022-02-09 00:00:00
Oracle Linux 8 : krb5 (ELSA-2021-3576)
2021-09-23 00:00:00
almalinux
almalinux
Moderate: krb5 security update
2021-09-21 07:09:33
rocky
rocky
krb5 security update
2021-09-21 07:09:33
ubuntu
ubuntu
Kerberos vulnerabilities
2023-03-16 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-2777)
2021-11-17 00:00:00
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-2689)
2021-11-12 00:00:00
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2022-1071)
2022-02-13 00:00:00
osv
osv
Moderate: krb5 security update
2021-09-21 07:09:33
krb5 vulnerabilities
2023-03-16 07:06:07
CVE-2021-37750
2021-08-23 05:15:08
oraclelinux
oraclelinux
krb5 security update
2021-09-23 00:00:00
krb5 security update
2021-11-24 00:00:00
cloudfoundry
cloudfoundry
USN-5959-1: Kerberos vulnerabilities Severity | Cloud Foundry
2023-04-29 00:00:00
redhat
redhat
(RHSA-2021:3576) Moderate: krb5 security update
2021-09-21 07:09:33
(RHSA-2021:4788) Moderate: krb5 security update
2021-11-23 14:40:31
(RHSA-2021:4725) Moderate: OpenShift Virtualization 2.6.8 Images security and bug fix update
2021-11-17 18:35:17
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2022-3.0-0342
2021-12-12 00:00:00
Important Photon OS Security Update - PHSA-2021-0455
2021-11-30 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0342
2021-12-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package krb5 version 1.17.2-alt3
2022-03-21 00:00:00
Security fix for the ALT Linux 10 package krb5 version 1.19.3-alt1
2022-03-18 00:00:00
Security fix for the ALT Linux 10 package krb5 version 1.19.2-alt1
2021-07-26 00:00:00
suse
suse
Security update for krb5 (moderate)
2021-10-31 00:00:00
Security update for krb5 (moderate)
2021-10-18 00:00:00
Security update for krb5 (important)
2021-08-23 00:00:00
cve
cve
CVE-2021-37750
2021-08-23 05:15:00
CVE-2021-36222
2021-07-22 18:15:00
fedora
fedora
[SECURITY] Fedora 33 Update: krb5-1.18.2-31.fc33
2021-08-27 18:55:48
[SECURITY] Fedora 34 Update: krb5-1.19.2-2.fc34
2021-08-21 01:08:11
[SECURITY] Fedora 34 Update: krb5-1.19.1-14.fc34
2021-07-14 01:21:27
cbl_mariner
cbl_mariner
CVE-2021-37750 affecting package krb5 1.19.2-1
2022-06-26 03:29:33
CVE-2021-37750 affecting package krb5 1.18.4-3
2021-11-03 19:21:15
CVE-2021-36222 affecting package krb5 1.18-4
2022-04-09 06:51:49
prion
prion
Null pointer dereference
2021-08-23 05:15:00
Null pointer dereference
2021-07-22 18:15:00
redhatcve
redhatcve
CVE-2021-37750
2021-08-23 19:05:53
CVE-2021-36222
2021-07-19 15:50:13
veracode
veracode
Denial Of Service (DoS)
2021-12-02 00:40:48
Denial Of Service (DoS)
2021-07-26 15:41:13
ibm
ibm
Security Bulletin: Vulnerability in MIT Kerberos 5 affects PowerSC (CVE-2021-37750)
2022-09-15 15:34:05
Security Bulletin: IBM QRadar Network Packet Capture is using components with known vulnerabilities
2022-03-31 14:40:20
Security Bulletin: Multiple vulnerabilities in go.etcd.io/etcd package affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data
2023-12-06 16:30:17
debiancve
debiancve
CVE-2021-37750
2021-08-23 05:15:00
CVE-2021-36222
2021-07-22 18:15:00
centos
centos
krb5, libkadm5 security update
2021-12-02 23:54:17
alpinelinux
alpinelinux
CVE-2021-37750
2021-08-23 05:15:00
CVE-2021-36222
2021-07-22 18:15:00
amazon
amazon
Medium: krb5
2022-01-18 21:37:00
ubuntucve
ubuntucve
CVE-2021-37750
2021-08-23 00:00:00
CVE-2021-36222
2021-07-22 00:00:00
CVE-2021-3671
2021-10-12 00:00:00
debian
debian
[SECURITY] [DSA 4944-1] krb5 security update
2021-07-25 07:27:47
[SECURITY] [DSA 4944-1] krb5 security update
2021-07-25 07:27:47
[SECURITY] [DLA 2771-1] krb5 security update
2021-09-30 20:08:58
freebsd
freebsd
MySQL -- Multiple vulnerabilities
2021-10-16 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13
JSON
Related for UBUNTU_USN-5959-1.NASL
nessus46almalinux1rocky1ubuntu1openvas35osv6oraclelinux2cloudfoundry1redhat18photon5altlinux4suse6cve2fedora4cbl_mariner4prion2redhatcve2veracode2ibm4debiancve2centos1alpinelinux2amazon1ubuntucve3debian3freebsd1ics1oracle3avleonov1