MIT Kerberos 5 GSSAPI Remote Denial of Service Vulnerability
BID:68908
Info
| Bugtraq ID: | 68908 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | CVE-2014-4342 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 25 2014 12:00AM |
| Updated: | May 07 2015 05:31PM |
| Credit: | Reported by the vendor. |
| Vulnerable: |
Ubuntu Ubuntu Linux 14.04 LTS Ubuntu Ubuntu Linux 12.04 LTS Ubuntu Ubuntu Linux 10.04.LTS Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux HPC Node Optional 6 Redhat Enterprise Linux HPC Node 6 Redhat Enterprise Linux Desktop Optional 6 Redhat Enterprise Linux Desktop 6 Oracle Enterprise Linux 7 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 MIT Kerberos 5 1.12.1 MIT Kerberos 5 1.11.1 MIT Kerberos 5 1.10.6 MIT Kerberos 5 1.10.4 MIT Kerberos 5 1.10.3 MIT Kerberos 5 1.9.5 MIT Kerberos 5 1.8.4 MIT Kerberos 5 1.8.3 MIT Kerberos 5 1.8.2 MIT Kerberos 5 1.8.1 MIT Kerberos 5 1.7.2 MIT Kerberos 5 1.7.1 MIT Kerberos 5 1.9 MIT Kerberos 5 1.8 MIT Kerberos 5 1.7 MIT Kerberos 5 1.12 MIT Kerberos 5 1.11.4 MIT Kerberos 5 1.11.3 MIT Kerberos 5 1.11.2 MIT Kerberos 5 1.10.7 MIT Kerberos 5 1.10.2 MIT Kerberos 5 1.10.1 MIT Kerberos 5 1.10 Mandriva Business Server 1 X86 64 Mandriva Business Server 1 IBM Power HMC 8.8.2.0 IBM Power HMC 8.8.1.0 F5 Enterprise Manager 3.1.1 F5 Enterprise Manager 3.1 F5 Enterprise Manager 3.0 F5 Enterprise Manager 2.3 F5 Enterprise Manager 2.1 F5 Enterprise Manager 2.0 F5 BIG-IQ Security 4.3 F5 BIG-IQ Security 4.2 F5 BIG-IQ Security 4.1 F5 BIG-IQ Security 4.0 F5 BIG-IQ Device 4.3 F5 BIG-IQ Device 4.2 F5 BIG-IQ Cloud 4.3 F5 BIG-IQ Cloud 4.2 F5 BIG-IQ Cloud 4.1 F5 BIG-IQ Cloud 4.0 F5 BIG-IP WOM 11.5.1 F5 BIG-IP WOM 11.2 F5 BIG-IP WOM 11.0 F5 BIG-IP WOM 10.2.4 F5 BIG-IP WOM 10.2.2 F5 BIG-IP WOM 10.2.1 F5 BIG-IP WOM 10.0 F5 BIG-IP WOM 11.3.0 HF4 F5 BIG-IP WOM 11.3.0 F5 BIG-IP WOM 11.2.1 HF5 F5 BIG-IP WOM 11.2.1 HF3 F5 BIG-IP WOM 11.2.1 F5 BIG-IP WOM 11.2.0 HF5 F5 BIG-IP WOM 11.2.0 HF3 F5 BIG-IP WOM 11.1.0 HF7 F5 BIG-IP WOM 11.1.0 F5 BIG-IP WebAccelerator 11.2.0 0 F5 BIG-IP WebAccelerator 11.5.1 F5 BIG-IP WebAccelerator 11.3 F5 BIG-IP WebAccelerator 11.2.1 F5 BIG-IP WebAccelerator 11.1 F5 BIG-IP WebAccelerator 11.0 F5 BIG-IP WebAccelerator 10.2.4 F5 BIG-IP WebAccelerator 10.2.1 F5 BIG-IP WebAccelerator 10.0 F5 
BIG-IP PSM 11.5.1 F5 BIG-IP PSM 11.5 F5 BIG-IP PSM 11.4.1 F5 BIG-IP PSM 11.3 F5 BIG-IP PSM 11.2 F5 BIG-IP PSM 11.1 F5 BIG-IP PSM 11.0 F5 BIG-IP PSM 10.2.4 F5 BIG-IP PSM 10.2.1 F5 BIG-IP PSM 10.0 F5 BIG-IP PSM 11.3.0 HF4 F5 BIG-IP PSM 11.2.1 HF5 F5 BIG-IP PSM 11.2.1 HF3 F5 BIG-IP PSM 11.2.1 HF2 F5 BIG-IP PSM 11.2.1 HF1 F5 BIG-IP PSM 11.2.1 F5 BIG-IP PSM 11.2.0 HF5 F5 BIG-IP PSM 11.2.0 HF3 F5 BIG-IP PSM 11.2.0 HF2 F5 BIG-IP PSM 11.1.0 HF7 F5 BIG-IP PEM 11.5.1 F5 BIG-IP PEM 11.5 F5 BIG-IP PEM 11.3 F5 BIG-IP PEM 11.4.1 F5 BIG-IP PEM 11.3.0 HF4 F5 BIG-IP LTM 11.5.1 F5 BIG-IP LTM 11.5 F5 BIG-IP LTM 11.2 F5 BIG-IP LTM 11.0 F5 BIG-IP LTM 10.2.4 F5 BIG-IP LTM 10.2.2 F5 BIG-IP LTM 11.5 F5 BIG-IP LTM 11.4.1 F5 BIG-IP LTM 11.3.0 F5 BIG-IP LTM 11.2.1 F5 BIG-IP LTM 11.1.0 F5 BIG-IP LTM 10.2.1 F5 BIG-IP Link Controller 11.2.0 0 F5 BIG-IP Link Controller 11.5.1 F5 BIG-IP Link Controller 11.5 F5 BIG-IP Link Controller 11.3 F5 BIG-IP Link Controller 11.2.1 HF3 F5 BIG-IP Link Controller 11.2.1 F5 BIG-IP Link Controller 11.2 HF3 F5 BIG-IP Link Controller 11.1 F5 BIG-IP Link Controller 11.0 F5 BIG-IP Link Controller 10.2.4 F5 BIG-IP Link Controller 10.2.2 F5 BIG-IP Link Controller 10.2.1 F5 BIG-IP Link Controller 10.0 F5 BIG-IP Link Controller 11.4.1 F5 BIG-IP Link Controller 11.3.0 HF4 F5 BIG-IP Link Controller 11.2.1 HF5 F5 BIG-IP Link Controller 11.2.1 HF2 F5 BIG-IP Link Controller 11.2.1 HF1 F5 BIG-IP Link Controller 11.2.0 HF5 F5 BIG-IP Link Controller 11.2.0 HF2 F5 BIG-IP Link Controller 11.1.0 HF7 F5 BIG-IP GTM 11.5.1 F5 BIG-IP GTM 11.5 F5 BIG-IP GTM 11.3 F5 BIG-IP GTM 11.2.1 HF3 F5 BIG-IP GTM 11.2 F5 BIG-IP GTM 11.0 F5 BIG-IP GTM 10.2.4 F5 BIG-IP GTM 10.2.2 F5 BIG-IP GTM 10.2.1 F5 BIG-IP GTM 10.0 F5 BIG-IP GTM 11.4.1 F5 BIG-IP GTM 11.3.0 HF4 F5 BIG-IP GTM 11.2.1 HF5 F5 BIG-IP GTM 11.2.1 HF2 F5 BIG-IP GTM 11.2.1 HF1 F5 BIG-IP GTM 11.2.1 F5 BIG-IP GTM 11.2.0 HF5 F5 BIG-IP GTM 11.2.0 HF3 F5 BIG-IP GTM 11.2.0 HF2 F5 BIG-IP GTM 11.1.0 HF7 F5 BIG-IP GTM 11.1.0 F5 BIG-IP Edge Gateway 
11.3 F5 BIG-IP Edge Gateway 11.2.1 HF3 F5 BIG-IP Edge Gateway 11.2.1 F5 BIG-IP Edge Gateway 11.2 HF3 F5 BIG-IP Edge Gateway 11.2 F5 BIG-IP Edge Gateway 11.1 F5 BIG-IP Edge Gateway 11.0 F5 BIG-IP Edge Gateway 10.2.4 F5 BIG-IP Edge Gateway 10.2.2 F5 BIG-IP Edge Gateway 10.2.1 F5 BIG-IP Edge Gateway 10.1 F5 BIG-IP Edge Gateway 11.2.1 HF5 F5 BIG-IP Edge Gateway 11.2.1 HF2 F5 BIG-IP Edge Gateway 11.2.0 HF5 F5 BIG-IP Edge Gateway 11.1.0 HF7 F5 BIG-IP Edge Gateway 10.1 F5 BIG-IP ASM 11.2.0 HF2 0 F5 BIG-IP ASM 11.2.0 0 F5 BIG-IP ASM 11.0.0 0 F5 BIG-IP ASM 10.2.4 0 F5 BIG-IP ASM 10.0.0 0 F5 BIG-IP ASM 10.2.2 F5 BIG-IP ASM 10.2.1 F5 BIG-IP ASM 11.3.0 F5 BIG-IP ASM 11.2.1 HF5 F5 BIG-IP ASM 11.2.1 HF3 F5 BIG-IP ASM 11.2.1 HF2 F5 BIG-IP ASM 11.2.1 HF1 F5 BIG-IP ASM 11.2.1 F5 BIG-IP ASM 11.2.0 HF5 F5 BIG-IP ASM 11.2.0 HF3 F5 BIG-IP ASM 11.1.0 HF7 F5 BIG-IP ASM 11.1.0 F5 BIG-IP APM 11.5.1 F5 BIG-IP APM 11.2 F5 BIG-IP APM 11.0 F5 BIG-IP APM 10.2.4 F5 BIG-IP APM 10.2.2 F5 BIG-IP APM 10.0 F5 BIG-IP APM 11.5.0 F5 BIG-IP APM 11.4.1 F5 BIG-IP APM 11.4.0 F5 BIG-IP APM 11.3.0 HF4 F5 BIG-IP APM 11.3.0 F5 BIG-IP APM 11.2.1 HF5 F5 BIG-IP APM 11.2.1 HF3 F5 BIG-IP APM 11.2.1 HF2 F5 BIG-IP APM 11.2.1 HF1 F5 BIG-IP APM 11.2.1 F5 BIG-IP APM 11.2.0 HF5 F5 BIG-IP APM 11.2.0 HF3 F5 BIG-IP APM 11.2.0 HF2 F5 BIG-IP APM 11.1.0 HF7 F5 BIG-IP APM 11.1.0 F5 BIG-IP APM 10.2.1 F5 BIG-IP Analytics 11.5.1 F5 BIG-IP Analytics 11.5 F5 BIG-IP Analytics 11.3 F5 BIG-IP Analytics 11.2.1 F5 BIG-IP Analytics 11.2 F5 BIG-IP Analytics 11.4.1 F5 BIG-IP Analytics 11.1.0 F5 BIG-IP Analytics 11.0.0 F5 BIG-IP AFM 11.5.1 F5 BIG-IP AFM 11.5 F5 BIG-IP AFM 11.3 F5 BIG-IP AFM 11.2.1 F5 BIG-IP AFM 11.4.1 F5 BIG-IP AFM 11.3.0 HF4 F5 BIG-IP AAM 11.5.1 F5 BIG-IP AAM 11.5 F5 BIG-IP AAM 11.4.1 F5 BIG-IP AAM 11.4.0 F5 ARX 6.4 F5 ARX 6.3 F5 ARX 6.2 F5 ARX 6.1.1 F5 ARX 6.1 F5 ARX 6.0 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 
arm Debian Linux 6.0 amd64 Avaya one-X Client Enablement Services 6.2 Avaya IP Office Server Edition 9.0 Avaya IP Office Server Edition 8.1 Avaya IP Office Application Server 9.0 Avaya CMS r17 Avaya Aura Session Manager 6.3.1 Avaya Aura Session Manager 6.3.3 Avaya Aura Session Manager 6.3 Avaya Aura Experience Portal 6.0.2 Avaya Aura Experience Portal 6.0.1 Avaya Aura Experience Portal 7.0 Avaya Aura Experience Portal 6.0 Avaya Aura Conferencing 8.0 Avaya Aura Collaboration Environment 3.0 Avaya Aura Collaboration Environment 2.0 |
| Not Vulnerable: | MIT Kerberos 5 1.12.2 |
Discussion
MIT Kerberos 5 is prone to a remote denial-of-service vulnerability due to a NULL pointer dereference error.
An attacker may exploit this issue to crash the affected service, resulting in denial-of-service conditions.
Kerberos 5 versions 1.7.0 through 1.12.11 are vulnerable.
Exploit / POC
An attacker can exploit this issue using readily available tools.
Solution / Fix
Solution:
Updates are available. Please see the references or vendor advisory for more information.