MIT Kerberos Administration Daemon Free Pointers Remote Code Execution Vulnerability
BID:21975
Info
MIT Kerberos Administration Daemon Free Pointers Remote Code Execution Vulnerability
| Bugtraq ID: | 21975 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2006-6144 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 09 2007 12:00AM |
| Updated: | May 15 2009 06:26PM |
| Credit: | Andrew Korty is credited with the discovery of this vulnerability. |
| Vulnerable: |
SuSE SUSE Linux Enterprise Server 10 SuSE Linux 9.3 SuSE Linux 10.1 SuSE Linux 10.0 Sun Solaris 9_x86 Sun Solaris 9 Sun Solaris 8_x86 Sun Solaris 8_sparc Sun Solaris 10.0_x86 Sun Solaris 10.0 rPath rPath Linux 1 Redhat Fedora Core6 Redhat Fedora Core5 OpenPKG OpenPKG Stable OpenPKG OpenPKG E1.0-Solid OpenPKG OpenPKG Current OpenPKG OpenPKG 2-Stable-20061018 MIT Kerberos 5 1.5.1 MIT Kerberos 5 1.5 Gentoo Linux |
| Not Vulnerable: | |
Discussion
MIT Kerberos Administration Daemon Free Pointers Remote Code Execution Vulnerability
MIT Kerberos 5 is prone to a remote code-execution vulnerability.
This issue occurs because of memory-management problems in the abstraction interface of the GSS-API implementation.
An attacker can exploit this issue to execute arbitrary code with superuser privileges, completely compromising affected computers. Failed exploit attempts will likely result in a denial-of-service conditions.
This issue also affects third-party applications using the affected API.
MIT Kerberos 5 is prone to a remote code-execution vulnerability.
This issue occurs because of memory-management problems in the abstraction interface of the GSS-API implementation.
An attacker can exploit this issue to execute arbitrary code with superuser privileges, completely compromising affected computers. Failed exploit attempts will likely result in a denial-of-service conditions.
This issue also affects third-party applications using the affected API.
Exploit / POC
MIT Kerberos Administration Daemon Free Pointers Remote Code Execution Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
MIT Kerberos Administration Daemon Free Pointers Remote Code Execution Vulnerability
Solution:
The vendor has released an advisory and a patch. Please see the references for details.
MIT Kerberos 5 1.5
MIT Kerberos 5 1.5.1
Solution:
The vendor has released an advisory and a patch. Please see the references for details.
MIT Kerberos 5 1.5
-
MIT 2006-003-patch.txt
http://web.mit.edu/kerberos/advisories/2006-003-patch.txt
MIT Kerberos 5 1.5.1
-
MIT 2006-003-patch.txt
http://web.mit.edu/kerberos/advisories/2006-003-patch.txt
References
MIT Kerberos Administration Daemon Free Pointers Remote Code Execution Vulnerability
References:
References:
- Kerberos Homepage (MIT)
- MIT krb5 Security Advisory 2006-003 (MIT)
- Fedora Core 5 Update: krb5-1.4.3-5.3 (RedHat)
- Fedora Core 6 Update: krb5-1.5-13 (RedHat)
- OpenPKG-SA-2007.006 (OpenPKG)
- Solution 201294: Third-party Applications Using GSS-API May Be Vulnerable to Com (Sun)
- Sun Microsystems 102772 :Third-party Applications Using GSS-API May Be Vulnerabl (Sun Microsystems)
- Vulnerability Note VU#831452 (CERT)