MitM attack in Heimdal
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2019-12098 |
| CWE-ID | CWE-320 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
heimdal Server applications / Encryption software |
| Vendor | Heimdal Software |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Key management errors
EUVDB-ID: #VU29242
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2019-12098
CWE-ID:
CWE-320 - Key Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a Man-in-the-Middle (MitM) attack.
The vulnerability exists due to Heimdal fails to verify anonymous PKINIT PA-PKINIT-KX key exchange within the krb5_init_creds_step() function in lib/krb5/init_creds_pw.c. A remote attacker can perform a MitM attack against the Heimdal client.
Install updates from vendor's website.
Vulnerable software versionsheimdal: 7.0.1 - 7.5.0
CPE2.3 External links
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
http://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
http://github.com/heimdal/heimdal/compare/3e58559...bbafe72
http://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
http://seclists.org/bugtraq/2019/Jun/1
http://www.debian.org/security/2019/dsa-4455
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
