USN-2310-1: Kerberos vulnerabilities

Publication date

11 August 2014

Overview

Several security issues were fixed in Kerberos.


Packages

  • krb5 - MIT Kerberos Network Authentication Protocol

Details

It was discovered that Kerberos incorrectly handled certain crafted Draft 9
requests. A remote attacker could use this issue to cause the daemon to
crash, resulting in a denial of service. This issue only affected Ubuntu
12.04 LTS. (CVE-2012-1016)

It was discovered that Kerberos incorrectly handled certain malformed
KRB5_PADATA_PK_AS_REQ AS-REQ requests. A remote attacker could use this
issue to cause the daemon to crash, resulting in a denial of service. This
issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2013-1415)

It was discovered that Kerberos incorrectly handled certain crafted TGS-REQ
requests. A remote authenticated attacker could use this issue to cause the
daemon to crash, resulting in a denial of service. This issue only affected
Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2013-1416)

It was discovered that Kerberos incorrectly handled certain crafted
requests when multiple realms were configured. A remote attacker could use
this issue to cause the daemon to crash, resulting in a denial of service.
This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS.
(CVE-2013-1418, CVE-2013-6800)

It was discovered that Kerberos incorrectly handled certain invalid tokens.
If a remote attacker were able to perform a machine-in-the-middle attack, this
flaw could be used to cause the daemon to crash, resulting in a denial of
service. (CVE-2014-4341, CVE-2014-4342)

It was discovered that Kerberos incorrectly handled certain mechanisms when
used with SPNEGO. If a remote attacker were able to perform a
machine-in-the-middle attack, this flaw could be used to cause clients to
crash, resulting in a denial of service. (CVE-2014-4343)

It was discovered that Kerberos incorrectly handled certain continuation
tokens during SPNEGO negotiations. A remote attacker could use this issue
to cause the daemon to crash, resulting in a denial of service.
(CVE-2014-4344)

Tomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon
incorrectly handled buffers when used with the LDAP backend. A remote
attacker could use this issue to cause the daemon to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2014-4345)


Update instructions

In general, a standard system update will make all the necessary changes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release   Package              Version
14.04 trusty     krb5-admin-server    1.12+dfsg-2ubuntu4.2
                 krb5-kdc             1.12+dfsg-2ubuntu4.2
                 krb5-kdc-ldap        1.12+dfsg-2ubuntu4.2
                 krb5-otp             1.12+dfsg-2ubuntu4.2
                 krb5-pkinit          1.12+dfsg-2ubuntu4.2
                 krb5-user            1.12+dfsg-2ubuntu4.2
                 libgssapi-krb5-2     1.12+dfsg-2ubuntu4.2
                 libgssrpc4           1.12+dfsg-2ubuntu4.2
                 libk5crypto3         1.12+dfsg-2ubuntu4.2
                 libkadm5clnt-mit9    1.12+dfsg-2ubuntu4.2
                 libkadm5srv-mit9     1.12+dfsg-2ubuntu4.2
                 libkdb5-7            1.12+dfsg-2ubuntu4.2
                 libkrad0             1.12+dfsg-2ubuntu4.2
                 libkrb5-3            1.12+dfsg-2ubuntu4.2
                 libkrb5support0      1.12+dfsg-2ubuntu4.2
12.04 precise    krb5-admin-server    1.10+dfsg~beta1-2ubuntu0.5
                 krb5-kdc             1.10+dfsg~beta1-2ubuntu0.5
                 krb5-kdc-ldap        1.10+dfsg~beta1-2ubuntu0.5
                 krb5-pkinit          1.10+dfsg~beta1-2ubuntu0.5
                 krb5-user            1.10+dfsg~beta1-2ubuntu0.5
                 libgssapi-krb5-2     1.10+dfsg~beta1-2ubuntu0.5
                 libgssrpc4           1.10+dfsg~beta1-2ubuntu0.5
                 libk5crypto3         1.10+dfsg~beta1-2ubuntu0.5
                 libkadm5clnt-mit8    1.10+dfsg~beta1-2ubuntu0.5
                 libkadm5srv-mit8     1.10+dfsg~beta1-2ubuntu0.5
                 libkdb5-6            1.10+dfsg~beta1-2ubuntu0.5
                 libkrb5-3            1.10+dfsg~beta1-2ubuntu0.5
                 libkrb5support0      1.10+dfsg~beta1-2ubuntu0.5
10.04 lucid      krb5-admin-server    1.8.1+dfsg-2ubuntu0.13
                 krb5-kdc             1.8.1+dfsg-2ubuntu0.13
                 krb5-kdc-ldap        1.8.1+dfsg-2ubuntu0.13
                 krb5-pkinit          1.8.1+dfsg-2ubuntu0.13
                 krb5-user            1.8.1+dfsg-2ubuntu0.13
                 libgssapi-krb5-2     1.8.1+dfsg-2ubuntu0.13
                 libgssrpc4           1.8.1+dfsg-2ubuntu0.13
                 libk5crypto3         1.8.1+dfsg-2ubuntu0.13
                 libkadm5clnt-mit7    1.8.1+dfsg-2ubuntu0.13
                 libkadm5srv-mit7     1.8.1+dfsg-2ubuntu0.13
                 libkdb5-4            1.8.1+dfsg-2ubuntu0.13
                 libkrb5-3            1.8.1+dfsg-2ubuntu0.13
                 libkrb5support0      1.8.1+dfsg-2ubuntu0.13
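As an added example (not part of the notice), a small Python checker that implements dpkg's version ordering (epoch, upstream, revision, with '~' sorting before everything else, which matters for the 12.04 `~beta1` versions) and compares installed krb5 binary packages against the fixed versions listed above. The dpkg-query output is a constructed sample; on a real host it would come from `dpkg-query -W -f '${Package} ${Version}\n'` run over the krb5 package names.

```python
import re
from itertools import zip_longest

# Fixed krb5 versions published in USN-2310-1, keyed by Ubuntu codename.
FIXED_VERSIONS = {
    "trusty": "1.12+dfsg-2ubuntu4.2",
    "precise": "1.10+dfsg~beta1-2ubuntu0.5",
    "lucid": "1.8.1+dfsg-2ubuntu0.13",
}

def _char_order(c):
    # dpkg order: '~' before everything (even end of string), then letters, then other punctuation.
    if c == "~":
        return -1
    return 0 if c == "" else (ord(c) if c.isalpha() else ord(c) + 256)

def _cmp_fragment(a, b):
    """dpkg comparison of an upstream or revision string: non-digit runs by char order, digit runs numerically."""
    while a or b:
        sa, sb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        for x, y in zip_longest(sa, sb, fillvalue=""):
            if (d := _char_order(x) - _char_order(y)):
                return d
        a, b = a[len(sa):], b[len(sb):]
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        if (d := int(da or 0) - int(db or 0)):
            return d
        a, b = a[len(da):], b[len(db):]
    return 0

def _split(version):
    """Return (epoch, upstream, revision) of a Debian version string."""
    epoch, _, rest = version.partition(":") if ":" in version else ("0", "", version)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def compare_versions(a, b):
    """Negative, zero or positive: a ordered against b as dpkg would."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    return (ea - eb) or _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)

def unpatched_packages(dpkg_output, release):
    """From 'dpkg-query -W' lines ("<package> <version>") of the krb5 binaries, list those below the fix."""
    fixed = FIXED_VERSIONS[release]
    rows = (line.split() for line in dpkg_output.splitlines() if line.strip())
    return [pkg for pkg, ver in rows if compare_versions(ver, fixed) < 0]

# Constructed sample: dpkg-query output from a partly updated 12.04 host.
SAMPLE = ("libkrb5-3 1.10+dfsg~beta1-2ubuntu0.4\n"
          "libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5\nkrb5-user 1.10+dfsg~beta1-2ubuntu0.5\n")
```

`unpatched_packages(SAMPLE, "precise")` returns `['libkrb5-3']`: only the library still at `0.4` is below the fixed revision, and a tilde version correctly sorts below the same string without it.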
