Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2015-518
HistoryMay 05, 2015 - 3:44 p.m.

Medium: krb5

2015-05-0515:44:00
alas.aws.amazon.com
9

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.3%

JSON

Issue Overview:

A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) could call the gss_process_context_token() function and use this flaw to crash that application. (CVE-2014-5352)

If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker who has the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353)

It was found that the krb5_read_message() function of MIT Kerberos did not correctly sanitize input, and could create invalid krb5_data objects. A remote, unauthenticated attacker could use this flaw to crash a Kerberos child process via a specially crafted request. (CVE-2014-5355)

A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, via specially crafted XDR packets. (CVE-2014-9421)

It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as “kad/x”) could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422)

Affected Packages:

krb5

Issue Correction:
Run yum update krb5 to update your system.

New Packages:

i686:  
    krb5-devel-1.10.3-37.29.amzn1.i686  
    krb5-pkinit-openssl-1.10.3-37.29.amzn1.i686  
    krb5-server-ldap-1.10.3-37.29.amzn1.i686  
    krb5-debuginfo-1.10.3-37.29.amzn1.i686  
    krb5-libs-1.10.3-37.29.amzn1.i686  
    krb5-workstation-1.10.3-37.29.amzn1.i686  
    krb5-server-1.10.3-37.29.amzn1.i686  
  
src:  
    krb5-1.10.3-37.29.amzn1.src  
  
x86_64:  
    krb5-devel-1.10.3-37.29.amzn1.x86_64  
    krb5-server-1.10.3-37.29.amzn1.x86_64  
    krb5-debuginfo-1.10.3-37.29.amzn1.x86_64  
    krb5-server-ldap-1.10.3-37.29.amzn1.x86_64  
    krb5-workstation-1.10.3-37.29.amzn1.x86_64  
    krb5-libs-1.10.3-37.29.amzn1.x86_64  
    krb5-pkinit-openssl-1.10.3-37.29.amzn1.x86_64

Additional References

Red Hat: CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, CVE-2014-9422

Mitre: CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, CVE-2014-9422

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686krb5-devel< 1.10.3-37.29.amzn1krb5-devel-1.10.3-37.29.amzn1.i686.rpm
Amazon Linux1i686krb5-pkinit-openssl< 1.10.3-37.29.amzn1krb5-pkinit-openssl-1.10.3-37.29.amzn1.i686.rpm
Amazon Linux1i686krb5-server-ldap< 1.10.3-37.29.amzn1krb5-server-ldap-1.10.3-37.29.amzn1.i686.rpm
Amazon Linux1i686krb5-debuginfo< 1.10.3-37.29.amzn1krb5-debuginfo-1.10.3-37.29.amzn1.i686.rpm
Amazon Linux1i686krb5-libs< 1.10.3-37.29.amzn1krb5-libs-1.10.3-37.29.amzn1.i686.rpm
Amazon Linux1i686krb5-workstation< 1.10.3-37.29.amzn1krb5-workstation-1.10.3-37.29.amzn1.i686.rpm
Amazon Linux1i686krb5-server< 1.10.3-37.29.amzn1krb5-server-1.10.3-37.29.amzn1.i686.rpm
Amazon Linux1x86_64krb5-devel< 1.10.3-37.29.amzn1krb5-devel-1.10.3-37.29.amzn1.x86_64.rpm
Amazon Linux1x86_64krb5-server< 1.10.3-37.29.amzn1krb5-server-1.10.3-37.29.amzn1.x86_64.rpm
Amazon Linux1x86_64krb5-debuginfo< 1.10.3-37.29.amzn1krb5-debuginfo-1.10.3-37.29.amzn1.x86_64.rpm
Rows per page:
1-10 of 141

Related

redhat 3
veracode 6
oraclelinux 3
centos 3
openvas 30
nessus 39
ibm 10
aix 1
fedora 4
archlinux 3
freebsd 4
altlinux 9
mageia 3
debian 3
securityvulns 4
osv 3
suse 3
ubuntu 2
f5 6
debiancve 5
ubuntucve 5
prion 5
cve 5
checkpoint_advisories 1
amazon 1
attackerkb 1
redhat
redhat
(RHSA-2015:0794) Moderate: krb5 security update
2015-04-09 00:00:00
(RHSA-2015:0439) Moderate: krb5 security, bug fix and enhancement update
2015-03-05 00:00:00
(RHSA-2015:2154) Moderate: krb5 security, bug fix, and enhancement update
2015-11-19 14:40:51
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:13:02
Privilege Escalation
2019-05-02 05:13:02
Remote Code Execution
2019-05-02 05:13:02
oraclelinux
oraclelinux
krb5 security update
2015-04-09 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
krb5 security, bug fix, and enhancement update
2015-11-23 00:00:00
centos
centos
krb5 security update
2015-04-09 11:47:52
krb5 security update
2015-03-17 13:28:30
krb5 security update
2015-11-30 19:36:32
openvas
openvas
RedHat Update for krb5 RHSA-2015:0794-01
2015-04-10 00:00:00
CentOS Update for krb5-devel CESA-2015:0794 centos6
2015-04-10 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-518)
2015-09-08 00:00:00
nessus
nessus
Scientific Linux Security Update : krb5 on SL6.x i386/x86_64 (20150409)
2015-04-10 00:00:00
OracleVM 3.3 : krb5 (OVMSA-2015-0054)
2015-04-10 00:00:00
Amazon Linux AMI : krb5 (ALAS-2015-518)
2015-05-07 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, and CVE-2014-9422)
2018-06-16 21:25:59
Security Bulletin: IBM Security Network Intrusion Prevention System is affected by krb5 vulnerabilities (CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423)
2022-02-23 19:48:26
Security Bulletin: Multiple Kerberos (krb5) vulnerabilities affect PowerKVM (Multiple CVEs)
2018-06-18 01:27:54
aix
aix
Multiple Security vulnerabilities in IBM NAS(kerberos)
2015-05-21 05:06:05
fedora
fedora
[SECURITY] Fedora 21 Update: krb5-1.12.2-17.fc21
2015-06-21 00:28:50
[SECURITY] Fedora 21 Update: krb5-1.12.2-14.fc21
2015-03-12 16:33:54
[SECURITY] Fedora 20 Update: krb5-1.11.5-18.fc20
2015-03-09 08:18:34
archlinux
archlinux
krb5: multiple issues
2015-02-17 00:00:00
lib32-krb5: multiple issues
2015-07-12 00:00:00
krb5: multiple issues
2015-07-12 00:00:00
freebsd
freebsd
krb5 1.12 -- New release/fix multiple vulnerabilities
2015-02-20 00:00:00
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-03 00:00:00
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package krb5 version 1.13-alt3
2015-02-08 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13-alt3
2015-02-08 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.13-alt3
2015-02-08 00:00:00
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2015-02-15 18:57:20
Updated krb5 package fixes security vulnerability
2015-03-28 00:12:10
Updated krb5 packages fix CVE-2014-5353
2014-12-19 18:06:35
debian
debian
[SECURITY] [DLA 146-1] krb5 security update
2015-02-07 11:00:23
[SECURITY] [DSA 3153-1] krb5 security update
2015-02-03 20:50:26
[SECURITY] [DLA 1265-1] krb5 security update
2018-01-31 17:06:55
securityvulns
securityvulns
MIT Kerberos 5 multiple security vulnerabilities
2015-02-11 00:00:00
MITKRB5-SA-2015-001 Vulnerabilities in kadmind, libgssrpc, gss_process_context_token
2015-02-11 00:00:00
[ MDVSA-2015:009 ] krb5
2015-01-13 00:00:00
osv
osv
krb5 - security update
2015-02-03 00:00:00
krb5 - security update
2015-02-07 00:00:00
krb5 - security update
2018-01-31 00:00:00
suse
suse
Security update for krb5 (important)
2015-02-11 18:08:30
Security update for krb5 (important)
2015-02-16 15:04:57
Security update for krb5 (important)
2015-02-16 14:05:49
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00
Kerberos vulnerabilities
2015-11-12 00:00:00
f5
f5
K16443 : MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
2015-04-15 00:00:00
SOL16443 - MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
2015-04-15 00:00:00
K16743 : MIT Kerberos 5 vulnerability CVE-2014-5355
2015-09-17 00:00:00
debiancve
debiancve
CVE-2014-9421
2015-02-19 11:59:00
CVE-2014-5355
2015-02-20 11:59:00
CVE-2014-9422
2015-02-19 11:59:00
ubuntucve
ubuntucve
CVE-2014-9421
2015-02-03 00:00:00
CVE-2014-9422
2015-02-03 00:00:00
CVE-2014-5355
2015-02-20 00:00:00
prion
prion
Authorization
2015-02-19 11:59:00
Double free
2015-02-19 11:59:00
Null pointer dereference
2015-02-20 11:59:00
cve
cve
CVE-2014-9422
2015-02-19 11:59:00
CVE-2014-9421
2015-02-19 11:59:00
CVE-2014-5355
2015-02-20 11:59:00
checkpoint_advisories
checkpoint_advisories
MIT Kerberos 5 recvauth Denial Of Service (CVE-2014-5355)
2015-05-13 00:00:00
amazon
amazon
Medium: krb5
2015-12-14 10:00:00
attackerkb
attackerkb
Microsoft Internet Explorer Use-After-Free Vulnerability
2014-10-15 00:00:00

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.3%

JSON
Related for ALAS-2015-518
redhat3veracode6oraclelinux3centos3openvas30nessus39ibm10aix1fedora4archlinux3freebsd4altlinux9mageia3debian3securityvulns4osv3suse3ubuntu2f56debiancve5ubuntucve5prion5cve5checkpoint_advisories1amazon1attackerkb1