Vulnerability Note VU#831452
Kerberos administration daemon may free uninitialized pointers
Overview
A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code.
Description
The MIT krb 5 administration daemon contains a vulnerability that may allow an attacker to execute arbitary code. According to MIT krb5 Security Advisory 2006-003: This vulnerability results from memory management bugs in the "mechglue" abstraction interface of the GSS-API implementation. Note that versions krb5-1.5 through krb5-1.5.1 are affected by this vulnerability. Other server applications that utilize the GSS-API library provided with MIT krb5 may also be affected. |
Impact
A remote, unauthenticated attacker may be able to execute arbitrary code resulting in the compromise of the Kerberos key database or cause a denial of service. |
Solution
Apply Patch |
Systems Affected (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Fedora Project | Affected | 04 Jan 2007 | 11 Jan 2007 |
| Gentoo Linux | Affected | 04 Jan 2007 | 07 Feb 2007 |
| MIT Kerberos Development Team | Affected | 04 Jan 2007 | 09 Jan 2007 |
| OpenPKG | Affected | - | 11 Jan 2007 |
| rPath | Affected | - | 12 Jan 2007 |
| Sun Microsystems, Inc. | Affected | 04 Jan 2007 | 09 Jan 2007 |
| SUSE Linux | Affected | 04 Jan 2007 | 11 Jan 2007 |
| AttachmateWRQ, Inc. | Not Affected | 04 Jan 2007 | 07 Feb 2007 |
| CyberSafe, Inc. | Not Affected | 04 Jan 2007 | 05 Jan 2007 |
| Force10 Networks, Inc. | Not Affected | 04 Jan 2007 | 10 May 2007 |
| Hitachi | Not Affected | 04 Jan 2007 | 16 Jan 2007 |
| Hyperchip | Not Affected | 04 Jan 2007 | 16 Jan 2007 |
| IBM Corporation | Not Affected | 04 Jan 2007 | 05 Jan 2007 |
| Intoto | Not Affected | 04 Jan 2007 | 16 Jan 2007 |
| Juniper Networks, Inc. | Not Affected | 04 Jan 2007 | 05 Jan 2007 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-003-mechglue.txt
- http://web.mit.edu/kerberos/advisories/2006-003-patch.txt
- http://web.mit.edu/kerberos/advisories/2006-003-patch.txt.asc
- http://securitytracker.com/alerts/2007/Jan/1017494.html
- http://www.securityfocus.com/bid/21975
- http://secunia.com/advisories/23903/
- http://secunia.com/advisories/23706/
- http://secunia.com/advisories/23701/
- http://secunia.com/advisories/23690/
- http://secunia.com/advisories/23667/
Credit
This issue is addressed in MIT krb5 Security Advisory 2006-003.
This document was written by Chris Taschner.
Other Information
- CVE IDs: CVE-2006-6144
- Date Public: 09 Jan 2007
- Date First Published: 09 Jan 2007
- Date Last Updated: 10 May 2007
- Severity Metric: 20.92
- Document Revision: 39
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.