-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MITKRB5-SA-2009-004
MIT krb5 Security Advisory 2009-004
Original release: 2010-01-12
Topic: integer underflow in AES and RC4 decryption
CVE-2009-4212
integer underflow in AES and RC4 decryption
CVSSv2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C
CVSSv2 Base Score: 10
Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: Complete
Integrity Impact: Complete
Availability Impact: Complete
CVSSv2 Temporal Score: 7.8
Exploitability: Proof-of-Concept
Remediation Level: Official Fix
Report Confidence: Confirmed

SUMMARY
=======

Integer underflow bugs in the AES and RC4 decryption operations of the
crypto library of the MIT Kerberos software can cause crashes, heap
corruption, or, under extraordinarily unlikely conditions, arbitrary
code execution. Only releases krb5-1.3 and later are vulnerable, as
earlier releases did not contain the functionality implemented by the
vulnerable code.
This is an implementation vulnerability in MIT krb5, and is not a
vulnerability in the Kerberos protocol.

IMPACT
======

An unauthenticated remote attacker can, by inducing the decryption of
an invalid AES or RC4 ciphertext, cause a crash or heap corruption,
or, under extraordinarily unlikely conditions, arbitrary code
execution. A successful code-execution attack against a KDC can
compromise all services relying on that KDC for authentication.
However, the most probable outcome is a crash due to a memory fault or
abort() call. An attacker with a valid account in the relevant
Kerberos realm has a marginally higher chance of success to execute
arbitrary code, but the probability is still very low. Therefore, the
given Confidentiality Impact and Integrity Impact metrics of
"Complete" represent theoretical worst-case scenarios and are both
more realistically characterized as "Partial".
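
As an added illustration (not code from MIT krb5 or from this advisory), the length arithmetic a Kerberos decrypt routine performs, shown once without the bounds check that lets a too-short ciphertext underflow and once with it. The header, confounder and trailer sizes follow RFC 3962 (AES) and RFC 4757 (RC4); the struct and function names are assumptions made for this example.

```c
/* Added example (not MIT krb5 code): recovering the plaintext length from a
 * Kerberos ciphertext length, unchecked (the bug class in this advisory)
 * and checked. Layouts follow RFC 3962 (AES: 16-byte confounder inside the
 * encrypted data, 12-byte truncated HMAC-SHA1 trailer) and RFC 4757 (RC4:
 * 16-byte HMAC-MD5 checksum header, 8-byte confounder). Names are ours. */
#include <stddef.h>
#include <stdio.h>

struct enctype_layout {
    const char *name;
    size_t header;      /* fixed bytes before the encrypted data */
    size_t confounder;  /* random block at the start of the plaintext */
    size_t trailer;     /* fixed bytes after the encrypted data */
};

static const struct enctype_layout AES_LAYOUT = { "aes-cts-hmac-sha1-96", 0, 16, 12 };
static const struct enctype_layout RC4_LAYOUT = { "rc4-hmac", 16, 8, 0 };

/* Buggy: subtracts the fixed overhead with unsigned arithmetic and no check
 * that the input is long enough. A short ciphertext wraps to a huge size_t,
 * which then drives later allocation and copy sizes (crash or heap damage). */
size_t plaintext_len_unchecked(const struct enctype_layout *l, size_t ciphertext_len)
{
    return ciphertext_len - l->header - l->confounder - l->trailer;
}

/* Fixed: reject any ciphertext too short to hold the fixed overhead before
 * subtracting. Returns the plaintext length, or -1 for a malformed input. */
long plaintext_len_checked(const struct enctype_layout *l, size_t ciphertext_len)
{
    size_t overhead = l->header + l->confounder + l->trailer;
    if (ciphertext_len < overhead)
        return -1;
    return (long)(ciphertext_len - overhead);
}

int main(void)
{
    /* Constructed lengths: 20 is too short for both enctypes, 44 is valid. */
    size_t inputs[] = { 20, 44 };
    const struct enctype_layout *layouts[] = { &AES_LAYOUT, &RC4_LAYOUT };
    for (int i = 0; i < 2; i++)
        for (int j = 0; j < 2; j++)
            printf("%-22s len=%2zu unchecked=%zu checked=%ld\n", layouts[i]->name,
                   inputs[j], plaintext_len_unchecked(layouts[i], inputs[j]),
                   plaintext_len_checked(layouts[i], inputs[j]));
    return 0;
}
```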

AFFECTED SOFTWARE
=================

* KDC and application servers in MIT krb5-1.3 and later releases are
vulnerable. Earlier releases did not contain the functionality
implemented by the vulnerable code.
* Third-party applications linked with the libraries from vulnerable
releases are also vulnerable.

FIXES
=====

* The upcoming krb5-1.7.1 and krb5-1.6.4 releases will contain a fix
for this vulnerability.
* For the krb5-1.7 release, apply the patch available at:
  http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt
  A PGP-signed patch is available at
  http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt.asc
* For the krb5-1.6 releases, apply the patch available at:
  http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt
  A PGP-signed patch is available at
  http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt.asc
* The krb5-1.6.3 patch might apply successfully to older releases.

REFERENCES
==========

This announcement is posted at:
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt
This announcement and related security advisories may be found on the
MIT Kerberos security advisory page at:
http://web.mit.edu/kerberos/advisories/index.html
The main MIT Kerberos web page is at:
http://web.mit.edu/kerberos/index.html
CVSSv2:
http://www.first.org/cvss/cvss-guide.html
http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2
CVE: CVE-2009-4212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212

CONTACT
=======

The MIT Kerberos Team security contact address is