#VU45191 Resource management error in Kerberos 5 - CVE-2011-0284

Cybersecurity Help s.r.o.

Published: 2011-03-20 | Updated: 2020-08-11

Vulnerability identifier: #VU45191

Vulnerability risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2011-0284

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Kerberos 5
Client/Desktop applications / Software for system administration

Vendor: MIT

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Kerberos 5: 1.7 - 1.9

External links
https://lists.fedoraproject.org/pipermail/package-announce/2011-March/056413.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-March/056573.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-March/056579.html
https://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
https://osvdb.org/71183
https://secunia.com/advisories/43700
https://secunia.com/advisories/43760
https://secunia.com/advisories/43783
https://secunia.com/advisories/43881
https://securitytracker.com/id?1025216
https://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt
https://www.kb.cert.org/vuls/id/943220
https://www.mandriva.com/security/advisories?name=MDVSA-2011:048
https://www.redhat.com/support/errata/RHSA-2011-0356.html
https://www.securityfocus.com/archive/1/517029/100/0/threaded
https://www.securityfocus.com/bid/46881
https://www.ubuntu.com/usn/USN-1088-1
https://www.vupen.com/english/advisories/2011/0672
https://www.vupen.com/english/advisories/2011/0673
https://www.vupen.com/english/advisories/2011/0680
https://www.vupen.com/english/advisories/2011/0722
https://www.vupen.com/english/advisories/2011/0763
https://exchange.xforce.ibmcloud.com/vulnerabilities/66101

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in MIT Kerberos 5