1. CVE-Search
  2. CVE-2014-4345
ID CVE-2014-4345
Summary Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.
References
Vulnerable Configurations
  • cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*
CVSS
Base: 8.5 (as of 21-01-2020 - 15:46)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:S/C:C/I:C/A:C
redhat via4
advisories
  • bugzilla
    id 1128157
    title CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment krb5-devel is earlier than 0:1.6.1-80.el5_11
            oval oval:com.redhat.rhsa:tst:20141255001
          • comment krb5-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070095011
        • AND
          • comment krb5-libs is earlier than 0:1.6.1-80.el5_11
            oval oval:com.redhat.rhsa:tst:20141255003
          • comment krb5-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070095013
        • AND
          • comment krb5-server is earlier than 0:1.6.1-80.el5_11
            oval oval:com.redhat.rhsa:tst:20141255005
          • comment krb5-server is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070095015
        • AND
          • comment krb5-server-ldap is earlier than 0:1.6.1-80.el5_11
            oval oval:com.redhat.rhsa:tst:20141255007
          • comment krb5-server-ldap is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20110199008
        • AND
          • comment krb5-workstation is earlier than 0:1.6.1-80.el5_11
            oval oval:com.redhat.rhsa:tst:20141255009
          • comment krb5-workstation is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070095017
    rhsa
    id RHSA-2014:1255
    released 2014-09-17
    severity Moderate
    title RHSA-2014:1255: krb5 security update (Moderate)
  • bugzilla
    id 1128157
    title CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment krb5-devel is earlier than 0:1.10.3-33.el6
            oval oval:com.redhat.rhsa:tst:20141389001
          • comment krb5-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599002
        • AND
          • comment krb5-libs is earlier than 0:1.10.3-33.el6
            oval oval:com.redhat.rhsa:tst:20141389003
          • comment krb5-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599004
        • AND
          • comment krb5-pkinit-openssl is earlier than 0:1.10.3-33.el6
            oval oval:com.redhat.rhsa:tst:20141389005
          • comment krb5-pkinit-openssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100863006
        • AND
          • comment krb5-server is earlier than 0:1.10.3-33.el6
            oval oval:com.redhat.rhsa:tst:20141389007
          • comment krb5-server is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599008
        • AND
          • comment krb5-server-ldap is earlier than 0:1.10.3-33.el6
            oval oval:com.redhat.rhsa:tst:20141389009
          • comment krb5-server-ldap is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599010
        • AND
          • comment krb5-workstation is earlier than 0:1.10.3-33.el6
            oval oval:com.redhat.rhsa:tst:20141389011
          • comment krb5-workstation is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599012
    rhsa
    id RHSA-2014:1389
    released 2014-10-13
    severity Moderate
    title RHSA-2014:1389: krb5 security and bug fix update (Moderate)
  • rhsa
    id RHSA-2015:0439
rpms
  • krb5-debuginfo-0:1.6.1-80.el5_11
  • krb5-devel-0:1.6.1-80.el5_11
  • krb5-libs-0:1.6.1-80.el5_11
  • krb5-server-0:1.6.1-80.el5_11
  • krb5-server-ldap-0:1.6.1-80.el5_11
  • krb5-workstation-0:1.6.1-80.el5_11
  • krb5-debuginfo-0:1.10.3-33.el6
  • krb5-devel-0:1.10.3-33.el6
  • krb5-libs-0:1.10.3-33.el6
  • krb5-pkinit-openssl-0:1.10.3-33.el6
  • krb5-server-0:1.10.3-33.el6
  • krb5-server-ldap-0:1.10.3-33.el6
  • krb5-workstation-0:1.10.3-33.el6
  • krb5-debuginfo-0:1.12.2-14.el7
  • krb5-devel-0:1.12.2-14.el7
  • krb5-libs-0:1.12.2-14.el7
  • krb5-pkinit-0:1.12.2-14.el7
  • krb5-server-0:1.12.2-14.el7
  • krb5-server-ldap-0:1.12.2-14.el7
  • krb5-workstation-0:1.12.2-14.el7
refmap via4
bid 69168
confirm
debian DSA-3000
fedora
  • FEDORA-2014-9305
  • FEDORA-2014-9315
gentoo GLSA-201412-53
mandriva MDVSA-2014:165
osvdb 109908
sectrack 1030705
secunia
  • 59102
  • 59415
  • 59993
  • 60535
  • 60776
  • 61314
  • 61353
suse
  • SUSE-SU-2014:1028
  • openSUSE-SU-2014:1043
xf kerberos-cve20144345-bo(95212)
Last major update 21-01-2020 - 15:46
Published 14-08-2014 - 05:01
Last modified 21-01-2020 - 15:46
Back to Top