Multiple holes in MIT Kerberos
The Kerberos developers at the Massachusetts Institute of Technology (MIT) have reported multiple vulnerabilities in their network authentication suite. Attackers can reportedly exploit a weakness to crash applications that use SPNEGO GSS-API, including the Kerberos administration daemon (kadmind). A remote attack could also cause a key distribution center (KDC) or the kinit program to crash.
The developers also describe a vulnerability in the ASN.1 decoder that could allow an attacker to crash the Kerberos application and execute arbitrary malicious code. All attacks can be run remotely and do not require authentication.
Kerberos versions krb5-1.5 and later are affected; earlier MIT releases did not contain the vulnerable code. The critical vulnerability in the ASN.1 decoder, however, affects all MIT krb5 releases and third-party software that uses the krb5 libraries. The upcoming official krb5-1.7 and krb5-1.6.4 releases resolve the problems.
- multiple vulnerabilities in SPNEGO, ASN.1 decoder, advisory from MIT.
- ASN.1 decoder frees uninitialized pointer, advisory from MIT.
- krb5 vulnerabilities, advisory from Ubuntu.