Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2021 Tenable Network Security, Inc.DEBIAN_DLA-1265.NASL
HistoryFeb 01, 2018 - 12:00 a.m.

Debian DLA-1265-1 : krb5 security update

2018-02-0100:00:00
This script is Copyright (C) 2018-2021 Tenable Network Security, Inc.
www.tenable.com
14

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.95

Percentile

99.3%

JSON

Kerberos, a system for authenticating users and services on a network, was affected by several vulnerabilities. The Common Vulnerabilities and Exposures project identifies the following issues.

CVE-2013-1418 Kerberos allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request when multiple realms are configured.

CVE-2014-5351 Kerberos sends old keys in a response to a -randkey
-keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.

CVE-2014-5353 When the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.

CVE-2014-5355 Kerberos expects that a krb5_read_message data field is represented as a string ending with a ‘\0’ character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the ‘\0’ character,

CVE-2016-3119 Kerberos allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.

CVE-2016-3120 Kerberos allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request.

For Debian 7 ‘Wheezy’, these problems have been fixed in version 1.10.1+dfsg-5+deb7u9.

We recommend that you upgrade your krb5 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-1265-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(106536);
  script_version("3.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/09/24");

  script_cve_id(
    "CVE-2013-1418",
    "CVE-2014-5351",
    "CVE-2014-5353",
    "CVE-2014-5355",
    "CVE-2016-3119",
    "CVE-2016-3120"
  );
  script_bugtraq_id(
    63555,
    70380,
    71679,
    74042
  );
  script_xref(name:"IAVB", value:"2016-B-0115-S");

  script_name(english:"Debian DLA-1265-1 : krb5 security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"Kerberos, a system for authenticating users and services on a network,
was affected by several vulnerabilities. The Common Vulnerabilities
and Exposures project identifies the following issues.

CVE-2013-1418 Kerberos allows remote attackers to cause a denial of
service (NULL pointer dereference and daemon crash) via a crafted
request when multiple realms are configured.

CVE-2014-5351 Kerberos sends old keys in a response to a -randkey
-keepold request, which allows remote authenticated users to forge
tickets by leveraging administrative access.

CVE-2014-5353 When the KDC uses LDAP, allows remote authenticated
users to cause a denial of service (daemon crash) via a successful
LDAP query with no results, as demonstrated by using an incorrect
object type for a password policy.

CVE-2014-5355 Kerberos expects that a krb5_read_message data field is
represented as a string ending with a '\0' character, which allows
remote attackers to (1) cause a denial of service (NULL pointer
dereference) via a zero-byte version string or (2) cause a denial of
service (out-of-bounds read) by omitting the '\0' character,

CVE-2016-3119 Kerberos allows remote authenticated users to cause a
denial of service (NULL pointer dereference and daemon crash) via a
crafted request to modify a principal.

CVE-2016-3120 Kerberos allows remote authenticated users to cause a
denial of service (NULL pointer dereference and daemon crash) via an
S4U2Self request.

For Debian 7 'Wheezy', these problems have been fixed in version
1.10.1+dfsg-5+deb7u9.

We recommend that you upgrade your krb5 packages.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/wheezy/krb5");
  script_set_attribute(attribute:"solution", value:
"Upgrade the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/01/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/02/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-admin-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-gss-samples");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-kdc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-kdc-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-locales");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-multidev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-pkinit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5-user");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libkadm5clnt-mit8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libkadm5srv-mit8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libkdb5-6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libkrb5-dev");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2021 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"krb5-admin-server", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-doc", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-gss-samples", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-kdc", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-kdc-ldap", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-locales", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-multidev", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-pkinit", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"krb5-user", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"libkadm5clnt-mit8", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"libkadm5srv-mit8", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"libkdb5-6", reference:"1.10.1+dfsg-5+deb7u9")) flag++;
if (deb_check(release:"7.0", prefix:"libkrb5-dev", reference:"1.10.1+dfsg-5+deb7u9")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxkrb5-admin-serverp-cpe:/a:debian:debian_linux:krb5-admin-server
debiandebian_linuxkrb5-docp-cpe:/a:debian:debian_linux:krb5-doc
debiandebian_linuxkrb5-gss-samplesp-cpe:/a:debian:debian_linux:krb5-gss-samples
debiandebian_linuxkrb5-kdcp-cpe:/a:debian:debian_linux:krb5-kdc
debiandebian_linuxkrb5-kdc-ldapp-cpe:/a:debian:debian_linux:krb5-kdc-ldap
debiandebian_linuxkrb5-localesp-cpe:/a:debian:debian_linux:krb5-locales
debiandebian_linuxkrb5-multidevp-cpe:/a:debian:debian_linux:krb5-multidev
debiandebian_linuxkrb5-pkinitp-cpe:/a:debian:debian_linux:krb5-pkinit
debiandebian_linuxkrb5-userp-cpe:/a:debian:debian_linux:krb5-user
debiandebian_linuxlibkadm5clnt-mit8p-cpe:/a:debian:debian_linux:libkadm5clnt-mit8
Rows per page:
1-10 of 141

Related

osv 3
openvas 31
debian 1
centos 3
nessus 54
amazon 3
ibm 4
redhat 3
oraclelinux 3
f5 7
securityvulns 6
checkpoint_advisories 2
cvelist 6
cve 7
mageia 7
ubuntucve 7
debiancve 6
prion 6
veracode 4
nvd 6
aix 1
fedora 10
alpinelinux 2
redhatcve 1
altlinux 11
freebsd 2
archlinux 2
ubuntu 1
osv
osv
krb5 - security update
2018-01-31 00:00:00
CVE-2016-3119
2016-03-26 01:59:00
CVE-2016-3120
2016-08-01 02:59:00
openvas
openvas
Debian: Security Advisory (DLA-1265-1)
2018-02-20 00:00:00
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2016-1076)
2020-01-23 00:00:00
RedHat Update for krb5 RHSA-2016:2591-02
2016-11-04 00:00:00
debian
debian
[SECURITY] [DLA 1265-1] krb5 security update
2018-01-31 17:06:34
centos
centos
krb5, libkadm5 security update
2016-11-25 15:30:33
krb5 security update
2015-04-09 11:47:52
krb5 security update
2015-11-30 19:36:32
nessus
nessus
EulerOS 2.0 SP1 : krb5 (EulerOS-SA-2016-1076)
2017-05-01 00:00:00
Oracle Linux 7 : krb5 (ELSA-2016-2591)
2016-11-11 00:00:00
RHEL 7 : krb5 (RHSA-2016:2591)
2016-11-04 00:00:00
amazon
amazon
Low: krb5
2017-02-06 18:00:00
Medium: krb5
2015-05-05 15:44:00
Medium: krb5
2015-12-14 10:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in krb5 affect PowerKVM (CVE-2016-3119, CVE-2016-3120)
2018-06-18 01:34:16
Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, and CVE-2014-9422)
2018-06-16 21:25:59
Security Bulletin: Vulnerability in Kerberos affects Power Hardware Management Console (CVE-2016-3120 )
2021-09-23 01:31:39
redhat
redhat
(RHSA-2016:2591) Low: krb5 security, bug fix, and enhancement update
2016-11-03 06:07:15
(RHSA-2015:0794) Moderate: krb5 security update
2015-04-09 00:00:00
(RHSA-2015:2154) Moderate: krb5 security, bug fix, and enhancement update
2015-11-19 14:40:51
oraclelinux
oraclelinux
krb5 security, bug fix, and enhancement update
2016-11-09 00:00:00
krb5 security update
2015-04-09 00:00:00
krb5 security, bug fix, and enhancement update
2015-11-23 00:00:00
f5
f5
K16743 : MIT Kerberos 5 vulnerability CVE-2014-5355
2015-09-17 00:00:00
SOL16743 - MIT Kerberos 5 vulnerability CVE-2014-5355
2015-06-15 00:00:00
K15784 : Kerberos vulnerability CVE-2013-1418
2014-11-03 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:009 ] krb5
2015-01-13 00:00:00
MIT krb5 privilege escalation
2014-11-24 00:00:00
MIT Kerberos 5 KDC DoS
2013-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories
MIT Kerberos 5 recvauth Denial Of Service (CVE-2014-5355)
2015-05-13 00:00:00
Kerberos Multi-realm KDC NULL Pointer Dereference Denial of Service (CVE-2013-1418)
2013-01-06 00:00:00
cvelist
cvelist
CVE-2014-5355
2015-02-20 11:00:00
CVE-2014-5353
2014-12-16 23:00:00
CVE-2013-1418
2013-11-16 02:00:00
cve
cve
CVE-2014-5355
2015-02-20 11:59:00
CVE-2013-1418
2013-11-18 03:55:05
CVE-2016-3119
2016-03-26 01:59:05
mageia
mageia
Updated krb5 package fixes security vulnerability
2015-03-28 00:12:10
Updated krb5 packages fix security vulnerability
2014-11-21 15:44:16
Updated krb5 package fixes security vulnerabily
2013-11-21 00:38:57
ubuntucve
ubuntucve
CVE-2014-5355
2015-02-20 00:00:00
CVE-2014-5353
2014-12-16 00:00:00
CVE-2016-3119
2016-03-26 00:00:00
debiancve
debiancve
CVE-2014-5355
2015-02-20 11:59:00
CVE-2013-1418
2013-11-18 03:55:05
CVE-2014-5353
2014-12-16 23:59:00
prion
prion
Null pointer dereference
2015-02-20 11:59:00
Cross site request forgery (csrf)
2014-10-10 01:55:00
Null pointer dereference
2016-03-26 01:59:00
veracode
veracode
Remote Code Execution
2019-05-02 05:13:02
Arbitrary Code Execution
2019-05-02 05:13:02
Denial Of Service (DoS)
2018-08-13 03:20:21
nvd
nvd
CVE-2014-5355
2015-02-20 11:59:00
CVE-2016-3119
2016-03-26 01:59:05
CVE-2014-5353
2014-12-16 23:59:00
aix
aix
AIX NAS vulnerability
2015-01-20 04:42:45
fedora
fedora
[SECURITY] Fedora 22 Update: krb5-1.13.2-14.fc22
2016-04-05 14:21:44
[SECURITY] Fedora 23 Update: krb5-1.14.1-3.fc23
2016-03-22 19:54:27
[SECURITY] Fedora 24 Update: krb5-1.14.1-3.fc24
2016-03-27 00:11:38
alpinelinux
alpinelinux
CVE-2016-3119
2016-03-26 01:59:05
CVE-2016-3120
2016-08-01 02:59:12
redhatcve
redhatcve
CVE-2016-3120
2016-07-28 09:48:27
altlinux
altlinux
Security fix for the ALT Linux 8 package krb5 version 1.14.4-alt1.M80P.1
2017-02-15 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13-alt1
2014-10-31 00:00:00
Security fix for the ALT Linux 8 package krb5 version 1.13-alt1
2014-10-31 00:00:00
freebsd
freebsd
krb5 -- KDC denial of service vulnerability
2016-07-20 00:00:00
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-12 00:00:00
archlinux
archlinux
lib32-krb5: multiple issues
2015-07-12 00:00:00
krb5: multiple issues
2015-07-12 00:00:00
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.95

Percentile

99.3%

JSON
Related for DEBIAN_DLA-1265.NASL
osv3openvas31debian1centos3nessus54amazon3ibm4redhat3oraclelinux3f57securityvulns6checkpoint_advisories2cvelist6cve7mageia7ubuntucve7debiancve6prion6veracode4nvd6aix1fedora10alpinelinux2redhatcve1altlinux11freebsd2archlinux2ubuntu1