Buffer overflow in MIT Kerberos 5
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2015-2698 |
| CWE-ID | CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Kerberos 5 Client/Desktop applications / Software for system administration |
| Vendor | MIT |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Buffer overflow
EUVDB-ID: #VU33639
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/CVSS:3.1/AV:N/AC:L/PR:/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-2698
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to execute arbitrary code.
The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspecified other impact by interacting with an application that calls the gss_export_sec_context function. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-2696.
MitigationInstall update from vendor's website.
Vulnerable software versionsKerberos 5: 1.14
External linkshttp://krbdev.mit.edu/rt/Ticket/Display.html?id=8273
http://lists.opensuse.org/opensuse-updates/2015-11/msg00116.html
http://lists.opensuse.org/opensuse-updates/2015-12/msg00124.html
http://www.ubuntu.com/usn/USN-2810-1
http://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
