CVE-2015-8630

Опубликовано: 08 янв. 2016

Источник: redhat

CVSS2: 2.1

Описание

The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name.

A NULL pointer dereference flaw was found in the procedure used by the MIT Kerberos kadmind service to store policies: the kadm5_create_principal_3() and kadm5_modify_principal() function did not ensure that a policy was given when KADM5_POLICY was set. An authenticated attacker with permissions to modify the database could use this flaw to add or modify a principal with a policy set to NULL, causing the kadmind service to crash.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	krb5	Not affected
Red Hat Enterprise Linux 6	krb5	Not affected
Red Hat JBoss Enterprise Web Server 2	krb5	Not affected
Red Hat Enterprise Linux 7	krb5	Fixed	RHSA-2016:0532	31.03.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=1302632krb5: krb5 doesn't check for null policy when KADM5_POLICY is set in the mask

2.1 Low

CVSS2

Связанные уязвимости

CVE-2015-8630

CVSS3: 7.5

ubuntu

больше 9 лет назад

CVE-2015-8630

CVSS3: 7.5

nvd

больше 9 лет назад

CVE-2015-8630

CVSS3: 7.5

debian

больше 9 лет назад

The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functi ...

GHSA-ccgj-jmwf-5p3g

CVSS3: 7.5

github

больше 3 лет назад

openSUSE-SU-2016:0501-1

suse-cvrf

больше 9 лет назад

Security update for krb5

2.1 Low

CVSS2