Vulnerability Note VU#831452

Kerberos administration daemon may free uninitialized pointers

Original Release date: 09 Jan 2007 | Last revised: 10 May 2007

Overview

A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code.

Description

The MIT krb 5 administration daemon contains a vulnerability that may allow an attacker to execute arbitary code. According to MIT krb5 Security Advisory 2006-003:

    This vulnerability results from memory management bugs in the "mechglue" abstraction interface of the GSS-API implementation.


Note that versions krb5-1.5 through krb5-1.5.1 are affected by this vulnerability. Other server applications that utilize the GSS-API library provided with MIT krb5 may also be affected.

Impact

A remote, unauthenticated attacker may be able to execute arbitrary code resulting in the compromise of the Kerberos key database or cause a denial of service.

Solution

Apply Patch

A patch as described in MIT krb5 Security Advisory 2006-003 can be obtained from MIT. MIT also states that this will be addressed in the upcoming krb5-1.6 release and krb5-1.5.2 patch release.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Fedora ProjectAffected04 Jan 200711 Jan 2007
Gentoo LinuxAffected04 Jan 200707 Feb 2007
MIT Kerberos Development TeamAffected04 Jan 200709 Jan 2007
OpenPKGAffected-11 Jan 2007
rPathAffected-12 Jan 2007
Sun Microsystems, Inc.Affected04 Jan 200709 Jan 2007
SUSE LinuxAffected04 Jan 200711 Jan 2007
AttachmateWRQ, Inc.Not Affected04 Jan 200707 Feb 2007
CyberSafe, Inc.Not Affected04 Jan 200705 Jan 2007
Force10 Networks, Inc.Not Affected04 Jan 200710 May 2007
HitachiNot Affected04 Jan 200716 Jan 2007
HyperchipNot Affected04 Jan 200716 Jan 2007
IBM CorporationNot Affected04 Jan 200705 Jan 2007
IntotoNot Affected04 Jan 200716 Jan 2007
Juniper Networks, Inc.Not Affected04 Jan 200705 Jan 2007
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This issue is addressed in MIT krb5 Security Advisory 2006-003.

This document was written by Chris Taschner.

Other Information

  • CVE IDs: CVE-2006-6144
  • Date Public: 09 Jan 2007
  • Date First Published: 09 Jan 2007
  • Date Last Updated: 10 May 2007
  • Severity Metric: 20.92
  • Document Revision: 39

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.