Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : krb5 vulnerabilities (USN-1062-1)

medium Nessus Plugin ID 51985

Synopsis

The remote Ubuntu host is missing one or more security-related patches.

Description

Keiichi Mori discovered that the MIT krb5 KDC database propagation daemon (kpropd) is vulnerable to a denial of service attack due to improper logic when a worker child process exited because of invalid network input. This could only occur when kpropd is running in standalone mode; kpropd was not affected when running in incremental propagation mode ('iprop') or as an inetd server. This issue only affects Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10.
(CVE-2010-4022)

Kevin Longfellow and others discovered that the MIT krb5 Key Distribution Center (KDC) daemon is vulnerable to denial of service attacks when using an LDAP back end due to improper handling of network input. (CVE-2011-0281, CVE-2011-0282).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected packages.

See Also

https://usn.ubuntu.com/1062-1/

Plugin Details

Severity: Medium

ID: 51985

File Name: ubuntu_USN-1062-1.nasl

Version: 1.11

Type: local

Agent: unix

Published: 2/15/2011

Updated: 9/19/2019

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:canonical:ubuntu_linux:krb5-admin-server, p-cpe:/a:canonical:ubuntu_linux:krb5-clients, p-cpe:/a:canonical:ubuntu_linux:krb5-doc, p-cpe:/a:canonical:ubuntu_linux:krb5-ftpd, p-cpe:/a:canonical:ubuntu_linux:krb5-kdc, p-cpe:/a:canonical:ubuntu_linux:krb5-kdc-ldap, p-cpe:/a:canonical:ubuntu_linux:krb5-multidev, p-cpe:/a:canonical:ubuntu_linux:krb5-pkinit, p-cpe:/a:canonical:ubuntu_linux:krb5-rsh-server, p-cpe:/a:canonical:ubuntu_linux:krb5-telnetd, p-cpe:/a:canonical:ubuntu_linux:krb5-user, p-cpe:/a:canonical:ubuntu_linux:libgssapi-krb5-2, p-cpe:/a:canonical:ubuntu_linux:libgssrpc4, p-cpe:/a:canonical:ubuntu_linux:libk5crypto3, p-cpe:/a:canonical:ubuntu_linux:libkadm55, p-cpe:/a:canonical:ubuntu_linux:libkadm5clnt-mit7, p-cpe:/a:canonical:ubuntu_linux:libkadm5clnt6, p-cpe:/a:canonical:ubuntu_linux:libkadm5srv-mit7, p-cpe:/a:canonical:ubuntu_linux:libkadm5srv6, p-cpe:/a:canonical:ubuntu_linux:libkdb5-4, p-cpe:/a:canonical:ubuntu_linux:libkrb5-3, p-cpe:/a:canonical:ubuntu_linux:libkrb5-dbg, p-cpe:/a:canonical:ubuntu_linux:libkrb5-dev, p-cpe:/a:canonical:ubuntu_linux:libkrb53, p-cpe:/a:canonical:ubuntu_linux:libkrb5support0, cpe:/o:canonical:ubuntu_linux:10.04:-:lts, cpe:/o:canonical:ubuntu_linux:10.10, cpe:/o:canonical:ubuntu_linux:8.04:-:lts, cpe:/o:canonical:ubuntu_linux:9.10

Required KB Items: Host/cpu, Host/Debian/dpkg-l, Host/Ubuntu, Host/Ubuntu/release

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/14/2011

Vulnerability Publication Date: 2/10/2011

Reference Information

CVE: CVE-2010-4022, CVE-2011-0281, CVE-2011-0282

BID: 46265, 46269, 46271

USN: 1062-1