[Bug 1009422] Re: (CVE-2012-1013) krb5 : kadmind denial of service

Launchpad Bug Tracker 1009422 at bugs.launchpad.net
Tue Jul 31 18:35:36 UTC 2012 

This bug was fixed in the package krb5 - 1.10+dfsg~beta1-2ubuntu0.3

---------------
krb5 (1.10+dfsg~beta1-2ubuntu0.3) precise-security; urgency=low

  * SECURITY UPDATE: KDC heap corruption and crash vulnerabilities
    - debian/patches/MITKRB5-SA-2012-001.patch: initialize pointers both
      at allocation and assignment time
    - CVE-2012-1015, CVE-2012-1014
  * SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
    - debian/patches/krb5-CVE-2012-1013.patch: check for null password
    - CVE-2012-1013
  * SECURITY UPDATE: insufficient ACL checking on get_strings/set_string
    - debian/patches/krb5-CVE-2012-1012.patch: make the access
      controls for get_strings/set_string mirror those of
      get_principal/modify_principal
    - CVE-2012-1012
 -- Steve Beattie <sbeattie at ubuntu.com>   Thu, 26 Jul 2012 14:29:35 -0700

** Changed in: krb5 (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1012

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1014

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1015

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1009422

Title:
  (CVE-2012-1013) krb5 : kadmind denial of service

Status in “krb5” package in Ubuntu:
  Fix Released
Status in “krb5” package in Fedora:
  Unknown

Bug description:
  https://secunia.com/advisories/49346/

  Description
  A weakness has been reported in Kerberos, which can be exploited by malicious users to cause a DoS (Denial of Service).

  The vulnerability is caused due to a NULL pointer dereference error in
  the "check_1_6_dummy()" function in src/lib/kadm5/srv/svr_principal.c.
  This can be exploited to cause a crash via a create-principal request
  containing no password but the KRB5_KDB_DISALLOW_ALL_TIX flag.

  Successful exploitation requires an administrator account with
  "create" privileges.

  The weakness is reported in versions prior to 1.10.2.

  
  Solution
  Update to version 1.10.2.

  Provided and/or discovered by
  Reported by the vendor.

  Original Advisory
  http://web.mit.edu/kerberos/krb5-1.10/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/+subscriptions

More information about the foundations-bugs mailing list