Main Vulnerability Database SB2018090704

SB2018090704 - Amazon Linux AMI update for krb5

Published: September 7, 2018

Security Bulletin ID SB2018090704

Severity

High

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Denial of service (CVE-ID: CVE-2017-11368)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists due to an assertion failure. A remote attacker can send invalid S4U2Self or S4U2Proxy requests and cause the krb5kdc service to exit on a targeted system.

Successful exploitation of the vulnerability results in denial of service.

2) Authentication bypass (CVE-ID: CVE-2017-7562)

The vulnerability allows a remote authenticated attacker to write arbitrary files on the target system.

The weakness exists due to an authentication bypass in the way krb5's certauth interface handled the validation of client certificates. A remote attacker can impersonate arbitrary principals under rare and erroneous circumstances.

Remediation

Install update from vendor's website.

References

https://alas.aws.amazon.com/ALAS-2018-1010.html