Vulnerability Name:

CVE-2012-1015 (CCN-77318)

Assigned:2012-07-31
Published:2012-07-31
Updated:2020-01-21
Summary:The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2012-1015

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2012:0967

Source: CCN
Type: RHSA-2012-1131
Important: krb5 security update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1131

Source: CCN
Type: SA50041
Kerberos KDC Two Memory Corruption Vulnerabilities

Source: CONFIRM
Type: Patch, Vendor Advisory
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2012-001.txt

Source: CCN
Type: MITKRB5-SA-2012-001
KDC heap corruption and crash vulnerabilities

Source: DEBIAN
Type: UNKNOWN
DSA-2518

Source: DEBIAN
Type: DSA-2518
krb5 -- denial of service and remote code execution

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2012:120

Source: CCN
Type: OSVDB ID: 84423
MIT Kerberos 5 src/kdc/do_as_req.c finish_process_as_req() Function AS-REQ Parsing Remote Memory Corruption

Source: CCN
Type: BID-54750
MIT Kerberos 5 Uninitialized Pointer Dereference Remote Multiple Denial of Service Vulnerabilities

Source: XF
Type: UNKNOWN
kerberos-asreq-code-exec(77318)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20121015
    V
    		CVE-2012-1015
    2022-05-20
    oval:org.opensuse.security:def:30289
    P
    		Security update for MozillaFirefox (Important) (in QA)
    2022-01-14
    oval:org.opensuse.security:def:33117
    P
    		Security update for openexr (Important)
    2022-01-12
    oval:org.opensuse.security:def:33060
    P
    		Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:33739
    P
    		Security update for MozillaFirefox (Important)
    2021-11-17
    oval:org.opensuse.security:def:33971
    P
    		Security update for openssl-1_0_0 (Low)
    2021-09-09
    oval:org.opensuse.security:def:30234
    P
    		Security update for java-1_8_0-openjdk (Important)
    2021-08-20
    oval:org.opensuse.security:def:33949
    P
    		Security update for qemu (Important)
    2021-07-28
    oval:org.opensuse.security:def:34489
    P
    		Security update for the Linux Kernel (Important)
    2021-07-20
    oval:org.opensuse.security:def:30081
    P
    		Security update for qemu (Important)
    2021-06-02
    oval:org.opensuse.security:def:33910
    P
    		Security update for libxml2 (Important)
    2021-05-19
    oval:org.opensuse.security:def:33645
    P
    		Security update for samba (Important)
    2021-05-04
    oval:org.opensuse.security:def:33644
    P
    		Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:34420
    P
    		Security update for gdm (Important)
    2021-04-28
    oval:org.opensuse.security:def:32904
    P
    		Security update for MozillaFirefox (Important)
    2021-04-27
    oval:org.opensuse.security:def:34028
    P
    		Security update for java-1_8_0-openjdk (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:33656
    P
    		Security update for dovecot22 (Important)
    2021-01-04
    oval:org.opensuse.security:def:34445
    P
    		Security update for dovecot22 (Important)
    2021-01-04
    oval:org.opensuse.security:def:28868
    P
    		Security update for python (Important)
    2020-12-11
    oval:org.opensuse.security:def:34332
    P
    		Security update for curl (Moderate)
    2020-12-10
    oval:org.opensuse.security:def:33875
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:32531
    P
    		ipsec-tools on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33205
    P
    		mipv6d on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28431
    P
    		Security update for wireshark (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29020
    P
    		Security update for resource-agents (Important)
    2020-12-01
    oval:org.opensuse.security:def:29995
    P
    		Security update for libtiff
    2020-12-01
    oval:org.opensuse.security:def:31078
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32666
    P
    		ft2demos on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33228
    P
    		perl-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34381
    P
    		Security update for tomcat6 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28432
    P
    		Security update for wireshark (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29074
    P
    		Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:31115
    P
    		Security update for krb5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32760
    P
    		opie on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33272
    P
    		tcpdump on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28443
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:29123
    P
    		Security update for java-1_7_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:29634
    P
    		Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32817
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28511
    P
    		Security update for openssl1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:29162
    P
    		Security update for libxml2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:29635
    P
    		Security update for clamav (Important)
    2020-12-01
    oval:org.opensuse.security:def:28642
    P
    		Security update for binutils
    2020-12-01
    oval:org.opensuse.security:def:29179
    P
    		Security update for microcode_ctl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29646
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30338
    P
    		Security update for transfig (Low)
    2020-12-01
    oval:org.opensuse.security:def:32441
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:35127
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:28727
    P
    		Security update for krb5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:29223
    P
    		Security update for php53 (Important)
    2020-12-01
    oval:org.opensuse.security:def:29719
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:30377
    P
    		Security update for xalan-j2
    2020-12-01
    oval:org.opensuse.security:def:32442
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:34117
    P
    		Recommended update for ncurses (Important)
    2020-12-01
    oval:org.opensuse.security:def:35167
    P
    		Security update for krb5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28784
    P
    		Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:29861
    P
    		Security update for Linux Kernel
    2020-12-01
    oval:org.opensuse.security:def:29851
    P
    		Security update for Linux Kernel
    2020-12-01
    oval:org.opensuse.security:def:30396
    P
    		Security update for Xen
    2020-12-01
    oval:org.opensuse.security:def:32453
    P
    		Security update for xfsprogs (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33166
    P
    		libnetpbm10 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34274
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29897
    P
    		Security update for krb5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29938
    P
    		Security update for libksba
    2020-12-01
    oval:org.opensuse.security:def:30440
    P
    		Security update for yast2-storage (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:17877
    P
    		USN-1520-1 -- krb5 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:20176
    P
    		DSA-2518-1 krb5 - denial of service
    2014-06-23
    oval:org.mitre.oval:def:23941
    P
    		ELSA-2012:1131: krb5 security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:21369
    P
    		RHSA-2012:1131: krb5 security update (Important)
    2014-02-24
    oval:com.ubuntu.precise:def:20121015000
    V
    		CVE-2012-1015 on Ubuntu 12.04 LTS (precise) - medium.
    2012-08-06
    oval:com.redhat.rhsa:def:20121131
    P
    		RHSA-2012:1131: krb5 security update (Important)
    2012-07-31
    BACK
    mit kerberos 5 1.8
    mit kerberos 5 1.8.1
    mit kerberos 5 1.8.2
    mit kerberos 5 1.8.3
    mit kerberos 5 1.8.4
    mit kerberos 5 1.8.5
    mit kerberos 5 1.8.6
    mit kerberos 5 1.9.4
    mit kerberos 5 1.10
    mit kerberos 5 1.10.1
    mit kerberos 5 1.10.2
    mit kerberos 5-1.10.1
    mit kerberos 5-1.10
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6