Flaws fixed in widely-used Kerberos program

Bill Brenner

The Massachusetts Institute of Technology (MIT) has fixed several critical Kerberos 5 flaws attackers could exploit to cause a buffer overflow and run malware on targeted machines.

Kerberos is widely used as a secure method for authenticating a request for a service in a computer network. It was developed in the Athena Project at MIT and is incorporated into a variety of products, including Sun Microsystems's Enterprise Authentication Mechanism software and its Solaris operating system, Red Hat Linux, MandrakeSoft Linux and Debian Linux.

Requires Free Membership to View

MIT said in its krb5 Security Advisory 2007-006 that two flaws were addressed. First, the MIT krb5 Kerberos administration daemon (kadmind) was vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 were also potentially affected, MIT said, adding, "This is a bug in the RPC library in MIT krb5. It is not a bug in the Kerberos protocol."

The second problem was that the Kerberos administration daemon (kadmind) could write data through an uninitialized pointer, MIT said, adding, "This is a bug in the kadmind in MIT krb5. It is not a bug in the Kerberos protocol."

Because it is used so extensively, Danish vulnerability clearinghouse Secunia labeled the flaws "highly critical" in its SA26676 advisory. The company warned that the flaws "can be exploited by malicious users and malicious people to compromise a vulnerable system."

Secunia recommended users eliminate the threat to their systems by updating to Kerberos 1.5.5 or 1.6.3 as soon as it becomes available, or by applying the patches.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: