Skip to main content

Patches issued for Kerberos flaws

No replies
kohsuke
Offline
Joined: 2003-06-09

from http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.info...
(InfoWorld) - The Massachusetts Institute of Technology has issued patches for three serious flaws in Kerberos v5, a widely used security authentication system. The worst of the flaws could allow an attacker to gain access to an entire authentication realm, according to MIT. The Kerberos flaws are serious because Kerberos is one of the most widely implemented authentication protocols on the Internet, and is used in many commercial products such as operating systems and routers. Two of the flaws affect the Key Distribution Center (KDC), which authenticates users. One of these, a boundary error that can cause a heap-based buffer overflow via a TCP or UDP request, may be used to execute malicious code on a system; MIT warned a successful attack could allow access to the entire authentication realm protected by the KDC. The other KDC vulnerability causes the freeing of memory in random locations, leading to a heap corruption; this can crash the system but can't be used to execute code, MIT said. A third flaw, affecting the krb5_recvauth() function, could allow a remote attacker to take over a system. However, the but is a double-free error, where a program attempts to free memory that's already been freed. "Exploitation of double-free vulnerabilities is believed to be difficult," MIT said in its advisory. The bugs all affect version 1.4.1 of Kerberos v5, and impact third-party software using the affected components, MIT said. MIT published patching instructions in its advisories and said the problems would be addressed in the forthcoming version 1.4.2. Kerberos has been hit by serious flaws about once a year. In October 2002, a flaw in kadmind4 (Kerberos v4 compatibility administration daemon) allowed unauthenticated attackers to gain root privileges on Kerberos v4 and v5 machines; at that time, MIT researchers said an exploit was already circulating when the patch was released. ADVERTISEMENTHitachi Data SystemsHigh-end functionality for the midrange. Click for white paper.