CVE-2014-5355

Current Description

MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c.

Evaluator Description

CWE-476: NULL Pointer Dereference

Basic Data

PublishedFebruary 20, 2015
Last ModifiedJanuary 21, 2020
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationMitKerberos 51.1*******
    2.3ApplicationMitKerberos 51.2*******
    2.3ApplicationMitKerberos 51.2.1*******
    2.3ApplicationMitKerberos 51.2.2*******
    2.3ApplicationMitKerberos 51.2.3*******
    2.3ApplicationMitKerberos 51.2.4*******
    2.3ApplicationMitKerberos 51.2.5*******
    2.3ApplicationMitKerberos 51.2.6*******
    2.3ApplicationMitKerberos 51.2.7*******
    2.3ApplicationMitKerberos 51.2.8*******
    2.3ApplicationMitKerberos 51.3*******
    2.3ApplicationMitKerberos 51.3alpha1******
    2.3ApplicationMitKerberos 51.3.1*******
    2.3ApplicationMitKerberos 51.3.2*******
    2.3ApplicationMitKerberos 51.3.3*******
    2.3ApplicationMitKerberos 51.3.4*******
    2.3ApplicationMitKerberos 51.3.5*******
    2.3ApplicationMitKerberos 51.3.6*******
    2.3ApplicationMitKerberos 51.4*******
    2.3ApplicationMitKerberos 51.4.1*******
    2.3ApplicationMitKerberos 51.4.2*******
    2.3ApplicationMitKerberos 51.4.3*******
    2.3ApplicationMitKerberos 51.4.4*******
    2.3ApplicationMitKerberos 51.5*******
    2.3ApplicationMitKerberos 51.5.1*******
    2.3ApplicationMitKerberos 51.5.2*******
    2.3ApplicationMitKerberos 51.5.3*******
    2.3ApplicationMitKerberos 51.6*******
    2.3ApplicationMitKerberos 51.6.1*******
    2.3ApplicationMitKerberos 51.6.2*******
    2.3ApplicationMitKerberos 51.7*******
    2.3ApplicationMitKerberos 51.7.1*******
    2.3ApplicationMitKerberos 51.8*******
    2.3ApplicationMitKerberos 51.8.1*******
    2.3ApplicationMitKerberos 51.8.2*******
    2.3ApplicationMitKerberos 51.8.3*******
    2.3ApplicationMitKerberos 51.8.4*******
    2.3ApplicationMitKerberos 51.8.5*******
    2.3ApplicationMitKerberos 51.8.6*******
    2.3ApplicationMitKerberos 51.9*******
    2.3ApplicationMitKerberos 51.9.1*******
    2.3ApplicationMitKerberos 51.9.2*******
    2.3ApplicationMitKerberos 51.9.3*******
    2.3ApplicationMitKerberos 51.9.4*******
    2.3ApplicationMitKerberos 51.10*******
    2.3ApplicationMitKerberos 51.10.1*******
    2.3ApplicationMitKerberos 51.10.2*******
    2.3ApplicationMitKerberos 51.10.3*******
    2.3ApplicationMitKerberos 51.10.4*******
    2.3ApplicationMitKerberos 51.11*******
    2.3ApplicationMitKerberos 51.11.1*******
    2.3ApplicationMitKerberos 51.11.2*******
    2.3ApplicationMitKerberos 51.11.3*******
    2.3ApplicationMitKerberos 51.11.4*******
    2.3ApplicationMitKerberos 51.11.5*******
    2.3ApplicationMitKerberos 51.12*******
    2.3ApplicationMitKerberos 51.12.1*******
    2.3ApplicationMitKerberos 51.12.2*******
    2.3ApplicationMitKerberos 51.13*******
    2.3ApplicationMitKerberos 51.13.1*******

Vulnerable Software List

VendorProductVersions
Mit Kerberos 5 1.1, 1.10, 1.10.1, 1.10.2, 1.10.3, 1.10.4, 1.11, 1.11.1, 1.11.2, 1.11.3, 1.11.4, 1.11.5, 1.12, 1.12.1, 1.12.2, 1.13, 1.13.1, 1.2, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.4, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.5, 1.5.1, 1.5.2, 1.5.3, 1.6, 1.6.1, 1.6.2, 1.7, 1.7.1, 1.8, 1.8.1, 1.8.2, 1.8.3, 1.8.4, 1.8.5, 1.8.6, 1.9, 1.9.1, 1.9.2, 1.9.3, 1.9.4

References

NameSourceURLTags
http://krbdev.mit.edu/rt/Ticket/Display.html?id=8050http://krbdev.mit.edu/rt/Ticket/Display.html?id=8050CONFIRMVendor Advisory
openSUSE-SU-2015:0542http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.htmlSUSE
RHSA-2015:0794http://rhn.redhat.com/errata/RHSA-2015-0794.htmlREDHAT
MDVSA-2015:069http://www.mandriva.com/security/advisories?name=MDVSA-2015:069MANDRIVA
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlCONFIRM
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlCONFIRM
74042http://www.securityfocus.com/bid/74042BID
USN-2810-1http://www.ubuntu.com/usn/USN-2810-1UBUNTU
https://github.com/krb5/krb5/commit/102bb6ebf20f9174130c85c3b052ae104e5073echttps://github.com/krb5/krb5/commit/102bb6ebf20f9174130c85c3b052ae104e5073ecCONFIRM
[debian-lts-announce] 20180131 [SECURITY] [DLA 1265-1] krb5 security updatehttps://lists.debian.org/debian-lts-announce/2018/01/msg00040.htmlMLIST