Fedora Core 1 : krb5-1.3.3-6 (2004-149)

NASLDB: Fedora Core 1 : krb5-1.3.3-6 (2004-149)

General

ID: 13710
Name: Fedora Core 1 : krb5-1.3.3-6 (2004-149)

Summary: Checks rpm output for the updated packages

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –

Port: 0
Family: Fedora Local Security Checks
Type: Local

Description

Bugs have been fixed in the krb5_aname_to_localname library function.
Specifically, buffer overflows were possible for all Kerberos versions
up to and including 1.3.3. The krb5_aname_to_localname function
translates a Kerberos principal name to a local account name,
typically a UNIX username. This function is frequently used when
performing authorization checks.

If configured with mappings from particular Kerberos principals to
particular UNIX user names, certain functions called by
krb5_aname_to_localname will not properly check the lengths of buffers
used to store portions of the principal name. If configured to map
principals to user names using rules, krb5_aname_to_localname would
consistently write one byte past the end of a buffer allocated from
the heap. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2004-0523 to this issue.

Only configurations which enable the explicit mapping or rules-based
mapping functionality of krb5_aname_to_localname() are vulnerable.
These configurations are not the default.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2004-0523
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2004/06/04
Plugin Release: 2004/07/23

Plugin

Version: 1.14
Filename: fedora_2004-149.nasl
Filesize: 3875 bytes
MD5 Hash: d39951aa7c4d98f73c4c22c678239ec9

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG