MIT Kerberos contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is in the GSS-API acceptor component due to lack of pointer validation. An authenticated, remote attacker could exploit the vulnerability by making a crafted request to the affected component. This action could cause the component to crash, resulting in a DoS condition. MIT has confirmed this vulnerability and released updated software. The vulnerability can be exploited only by an authenticated attacker, which somewhat reduces the threat of an attack on affected systems. Cisco Network Admission Control Guest Server may be affected if Active Directory single sign-on is enabled.
MIT Kerberos contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability is in the GSS-API acceptor component due to lack of pointer validation. An authenticated, remote attacker could exploit the vulnerability by making a crafted request to the affected component. This action could cause the component to crash, resulting in a DoS condition.
MIT has confirmed this vulnerability and released updated software.
The vulnerability can be exploited only by an authenticated attacker, which somewhat reduces the threat of an attack on affected systems.
Cisco Network Admission Control Guest Server may be affected if Active Directory single sign-on is enabled.
MIT has released a security advisory at the following link: MITKRB5-SA-2010-005
Cisco has released a bug ID at the following link: CSCtg59379
F5 Networks has confirmed the vulnerability in a release note at the following link: Release note for Enterprise Manager 2.3.0
HP has released security bulletin c02257427 at the following link: HPSBUX02544 SSRT100107
IBM has released a security alert at the following link: CVE-2010-1321
Oracle has released a security alert at the following link: Critical Patch Update October 2010
Red Hat has released security advisories at the following links: RHSA-2010-0423, RHSA-2010:0770, RHSA-2010:0873, RHSA-2010:0935, RHSA-2010:0987, RHSA-2011:0152, and RHSA-2011:0880
Sun has released a security notification at the following link: CVE-2010-1321
VMware has released security advisories at the following links: VMSA-2010-0013, VMSA-2010-0016, and VMSA-2011-0013
Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to have network access.
Administrators are advised to grant access to the affected application only to trusted users.
Cisco customers can mitigate this vulnerability by disabling Active Directory single sign-on as detailed at this link: Cisco
Administrators are advised to monitor affected systems.
MIT has released a patch at the following link: MITKRB5-SA-2010-005
CentOS packages can be updated using the up2date or yum command.
F5 Networks has released software updates for registered users at the following link: Enterprise Manager 2.3.0
HP has released updated software for the Kerberos Web Update (KRB5CLIENT) at the following links:
HP-UX B.11.11 (11i v1)
KRB5CLIENT_C.1.3.5.10_ HP_UX_B.11.11_32_64.depot or subsequentHP-UX B.11.23 (11i v2)
KRB5CLIENT_D.1.6.2.08_ HP_UX_B.11.23_IA_PA.depot or subsequentHP-UX B.11.31 (11i v3)
KRB5CLIENT_E.1.6.2.08_ HP_UX_B.11.31_IA_PA.depot or subsequent
HP has released updated software for the Kerberos Client Product in Core-OS (KRB5-Client) for registered users at the following links:
HP-UX B.11.11 (11i v1)
PHSS_41166 or subsequentHP-UX B.11.23 (11i v2)
PHSS_41167 or subsequentHP-UX B.11.31 (11i v3)
PHSS_41168 or subsequent
IBM has released updates at the following link: IBM Developer Kits
Oracle has released patches for registered users at the following link: Oracle
Red Hat packages can be updated using the up2date or yum command.
Sun has released patches for registered users at the following links:
SPARC
Solaris 10 with patch 141500-07 or later
Solaris 9 with patch 112908-38 or later
Solaris 8 with patch 112390-17 or laterIntel
Solaris 10 with patch 141501-08 or later
Solaris 9 with patch 115168-24 or later
Solaris 8 with patch 112240-16 or later
VMware has released updated software at the following links:
ESX 3.5
ESX350-201008411-SGESX 4.0
ESX400-201009403-SGESXi 4.1
ESXi410-201010401-SGESX 4.1
ESX410-201010419-SG
ESX410-201110201-SGESX 3.0.3
ESX303-201102401-SG
vCenter 4.1
Update 2
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Version | Description | Section | Status | Date |
1.0 | Initial Release | NA | Final | 2010-May-19 |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.