Summary: | <app-crypt/mit-krb5-1.13-r1: kadmin NULL pointer dereference issues (CVE-2014-{5353,5354}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | kerberos |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2014/12/16/1 | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 538842 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2014-12-28 09:20:47 UTC
CVE-2014-5354 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5354): plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command. CVE-2014-5353 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5353): The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. There's an updated ebuild in bug #538842 that resolves these issues. +*mit-krb5-1.13-r1 (05 Feb 2015) + + 05 Feb 2015; Eray Aslan <eras@gentoo.org> +files/2015-001-patch-r113.patch, + +files/mit-krb5-CVE-2014-5353.patch, +files/mit-krb5-CVE-2014-5354.patch, + +mit-krb5-1.13-r1.ebuild: + Security bump - bugs #533734 #538842 + Stabilization request filed at bug #538842 Maintainer(s), Thank you for you for cleanup. GLSA Vote: No Maintainer(s), please drop the vulnerable version(s). Maintainer(s), Thank you for you for cleanup. GLSA Vote: No |