Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2012-1015

Published: 31 July 2012

The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.

Notes

AuthorNote
sbeattie
krb5 1.8 and newer
code execution potential probably blocked by glibc
double-free detection

Priority

Medium

Status

Package Release Status
krb5
Launchpad, Ubuntu, Debian
upstream Needs triage

hardy Not vulnerable
(1.6.dfsg.3~beta1-2ubuntu1.8)
lucid
Released (1.8.1+dfsg-2ubuntu0.11)
natty
Released (1.8.3+dfsg-5ubuntu2.3)
oneiric
Released (1.9.1+dfsg-1ubuntu2.3)
precise
Released (1.10+dfsg~beta1-2ubuntu0.3)
Patches:
upstream: http://web.mit.edu/kerberos/advisories/2012-001-patch.txt