4876 : MIT Kerberos 5 krshd Overflow
Printer | http://osvdb.org/4876 | Email This | Edit Vulnerability

Views This Week

Views All Time

Info

Last Modified

5 months ago

Percent Complete

100%

Disclosure

May 28, 2000

Discovery

May 17, 2000

Dates

Exploit

Unknown

Solution

Unknown

Description

Local or remote users can obtain root access on the system running krshd from the MIT port of Kerberos 5. The vulnerability is a buffer overrun in the krb_rd_req() function which is used by essentially all Kerberos-authenticated services that use Kerberos 4 compatibility code for authentication within the MIT Kerberos 5 source distributions.

Classification

Location: Local Access Required, Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version krb5-1.2 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: Disable the krshd program completely until a patched version can be installed.

Products

Cygnus	KerbNet	5.0.x
Cygnus	Cygnus Network Security	4.0.x

MIT	Kerberos 5	5.0 -1.0.x
		5.0 -1.1.1

References

Bugtraq ID: 1220
CIAC Advisory: k-043
RedHat RHSA: RHSA-2000-025
Other Advisory URL: http://www.kr.freebsd.org/ml/announce/2000/05/msg00013.shtml
ISS X-Force ID: 4521
Vendor Specific Advisory URL: http://web.mit.edu/kerberos/www/advisories/krb4buf.txt
CVE ID: 2000-0391 (see also: NVD)
CERT: CA-2000-06

Credit

Jim Paris - jimjtan.com -

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Cygnus

KerbNet

Cygnus Network Security

MIT

Kerberos 5

References

Credit

Blogs

Comments