Описание
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.12.1+dfsg-17 |
| esm-infra-legacy/trusty | not-affected | 1.12+dfsg-2ubuntu5.1 |
| lucid | released | 1.8.1+dfsg-2ubuntu0.14 |
| precise | released | 1.10+dfsg~beta1-2ubuntu0.6 |
| trusty | released | 1.12+dfsg-2ubuntu5.1 |
| trusty/esm | not-affected | 1.12+dfsg-2ubuntu5.1 |
| upstream | released | 1.12.1+dfsg-17 |
| utopic | released | 1.12.1+dfsg-10ubuntu0.1 |
Показывать по
6.1 Medium
CVSS2
Связанные уязвимости
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadm ...
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
6.1 Medium
CVSS2