In association with heise online

18 January 2010, 15:46

Another patch for MIT Kerberos


A patch for MIT's Kerberos 5 implementation is intended to fix integer underflows in the functions for decrypting AES and RC4 ciphertexts. The flaw can reportedly be triggered remotely by sending specially crafted ciphertexts, which can, for instance, cause the Key Distribution Center (KDC) to crash. In very rare circumstances, the flaw is also said to allow the injection and execution of code. Reportedly, the exploitability of the flaw is marginally higher if the attacker holds a valid account in a Kerberos domain (realm).
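The bug class named above, as an added illustration that is not the krb5 code or the MIT patch: unsigned length arithmetic on a ciphertext length that the sender controls, next to a version that validates the length first. The message layout, the sizes and the function names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed layout for illustration (not krb5's):
 * [ confounder | payload | MAC ] with fixed overhead sizes. */
#define CONFOUNDER_LEN 16u
#define MAC_LEN        12u
#define OVERHEAD       ((size_t)CONFOUNDER_LEN + MAC_LEN)

/* Unchecked length arithmetic: for ct_len < OVERHEAD the unsigned
 * subtraction wraps around to a huge "payload length". */
size_t payload_len_unchecked(size_t ct_len)
{
    return ct_len - OVERHEAD;
}

/* Hardened split: validate the sender-controlled length before any
 * subtraction. Returns 0 and sets the outputs, or -1 on malformed input. */
int split_ciphertext(const uint8_t *ct, size_t ct_len,
                     const uint8_t **payload, size_t *payload_len,
                     const uint8_t **mac)
{
    if (ct == NULL || ct_len < OVERHEAD)
        return -1;                       /* too short to hold the overhead */
    *payload     = ct + CONFOUNDER_LEN;
    *payload_len = ct_len - OVERHEAD;    /* cannot wrap after the check */
    *mac         = ct + ct_len - MAC_LEN;
    return 0;
}

int main(void)
{
    static const uint8_t buf[64] = {0};  /* constructed sample input */
    const size_t lens[] = { 64, 28, 27, 0 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        const uint8_t *p, *m;
        size_t n = 0;
        int rc = split_ciphertext(buf, lens[i], &p, &n, &m);
        printf("ct_len=%2zu unchecked=%zu checked=%s (payload=%zu)\n",
               lens[i], payload_len_unchecked(lens[i]),
               rc == 0 ? "ok" : "rejected", n);
    }
    return 0;
}
```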

All versions from krb5-1.3 onwards are affected. The patch is available for krb5-1.6 and krb5-1.7. The krb5-1.6.4 and krb5-1.7.1 updates, which are soon to be released, also fix the flaw. Until then, users need to manually install the patches for aes.c and arcfour.c and recompile Kerberos themselves. The updates are gradually becoming overdue, as they are also scheduled to close a null-pointer dereference vulnerability already publicised in early January. So far, only a patch has become available to fix this hole.
