PT-2014-1929 · Mit+4 · Mit Kerberos 5+4

Published

2014-10-09

Updated

2024-06-15

CVE-2014-5351

CVSS v2.0

8.5

High

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions MIT Kerberos 5 versions prior to 1.13

Description The issue allows remote authenticated users to forge tickets by leveraging administrative access. This is due to the kadm5 randkey principal 3 function in lib/kadm5/srv/svr principal.c in kadmind sending old keys in a response to a -randkey -keepold request. The exploitation of this issue may lead to a violation of confidentiality, integrity, and availability of protected information.

Recommendations For versions prior to 1.13, update to version 1.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the kadmind service to minimize the risk of exploitation. Avoid using the -randkey -keepold request in the affected kadmind service until the issue is resolved.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255CWE-125

Related Identifiers

ALT-PU-2014-2418

BDU:2015-09790

CVE-2014-5351

DLA-1265-1

MGASA-2014-0477

OPENSUSE-SU-2024:10004-1

SUSE-SU-2014_1410-1

SUSE-SU-2015:0290-1

SUSE-SU-2015:0290-2

SUSE-SU-2015_0290-1

SUSE-SU-2015_0290-2

USN-2498-1

Affected Products

Alt Linux

Ibm Aix

Mit Kerberos 5

Suse

Ubuntu

PT-2014-1929 · Mit+4 · Mit Kerberos 5+4

CVE-2014-5351

Weakness Enumeration

Related Identifiers

Affected Products

References · 96