CVE-2014-4341

krb5: denial of service flaws when handling padding length longer than the plaintext

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.

MIT Kerberos 5 (también conocido como krb5) anterior a 1.12.2 permite a atacantes remotos causar una denegación de servicio (sobrelectura de buffer y caída de aplicación) mediante la inyección de tokens inválido en una sesión de la aplicación GSSAPI.

A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-06-20 CVE Reserved
2014-07-20 CVE Published
2024-06-01 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-125: Out-of-bounds Read

CAPEC

References (17)

URL	Tag	Source
http://advisories.mageia.org/MGASA-2014-0345.html	Third Party Advisory
http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc	Third Party Advisory
http://secunia.com/advisories/59102	Third Party Advisory
http://secunia.com/advisories/60082	Third Party Advisory
http://secunia.com/advisories/60448	Third Party Advisory
http://www.securityfocus.com/bid/68909	Third Party Advisory
http://www.securitytracker.com/id/1030706	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/94904	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73	2021-02-02

URL	Date	SRC
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949	2021-02-02
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html	2021-02-02
http://rhn.redhat.com/errata/RHSA-2015-0439.html	2021-02-02
http://security.gentoo.org/glsa/glsa-201412-53.xml	2021-02-02
http://www.debian.org/security/2014/dsa-3000	2021-02-02
http://www.mandriva.com/security/advisories?name=MDVSA-2014:165	2021-02-02
https://access.redhat.com/security/cve/CVE-2014-4341	2015-03-05
https://bugzilla.redhat.com/show_bug.cgi?id=1116180	2015-03-05

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				< 1.12.2 Search vendor "Mit" for product "Kerberos 5" and version " < 1.12.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.5 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Tus Search vendor "Redhat" for product "Enterprise Linux Tus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Tus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Tus Search vendor "Redhat" for product "Enterprise Linux Tus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Tus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Tus Search vendor "Redhat" for product "Enterprise Linux Tus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Tus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				20 Search vendor "Fedoraproject" for product "Fedora" and version "20"		-		Affected