ISS X-Force Database: heimdal-kadmind-bo(16071): Heimdal kadmind buffer overflow

Heimdal kadmind buffer overflow

heimdal-kadmind-bo (16071)

High Risk

Description:

Heimdal is vulnerable to a heap-based buffer overflow in the Kerberos 5 kadmind daemon (k5admind), caused by improper validation of user-supplied input when handling Kerberos 4 compatibility administration requests. If k5admind has been configured to include support for Kerberos 4, a remote attacker could send a specially-crafted message to k5admind to overflow a buffer and cause the daemon to crash or execute arbitrary code on the system.

Consequences:

Gain Access

Remedy:

Upgrade to the latest version of Heimdal (0.6.2 or later), available from the Heimdal Web page. See References.

For FreeBSD:
Upgrade to the latest version of FreeBSD (4-STABLE, or RELENG_5_2, RELENG_4_9, or RELENG_4_8 security branch dated later than 2004-04-15), as listed in FreeBSD-SA-04:09.kadmind. See References.

— OR —

Apply the patch for this vulnerability, as listed in FreeBSD-SA-04:09.kadmind. See References.

For Debian/GNU Linux 3.0 (Woody):
Upgrade to the latest heimdal package (0.4e-7.woody.9 or later), as listed in DSA-504-1. See References.

For Gentoo Linux:
Upgrade to the latest version of heimdal (0.6.2 or later), as listed in GLSA 200405-23. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

FreeBSD Security Advisory FreeBSD-SA-04:09.kadmind: heimdal kadmind remote heap buffer overflow.
GLSA 200405-23: Heimdal: Kerberos 4 buffer overflow in kadmin.
Heimdal Security Advisory 2004-05-06: Kerberos 4 buffer overrun in Heimdal kadmin.
Heimdal Web page: Heimdal.
BID-10288: Heimdal K5AdminD Remote Heap Buffer Overflow
CVE-2004-0434: k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.
DSA-504: heimdal -- missing input sanitising
GLSA-200405-23: Heimdal: Kerberos 4 buffer overflow in kadmin

Platforms Affected:

Debian Debian Linux 3.0
FreeBSD FreeBSD 4.8
FreeBSD FreeBSD 4.9
FreeBSD FreeBSD 5.0
FreeBSD heimdal
Gentoo Linux
Heimdal Developers Heimdal prior to 0.6.2

Reported:

May 06, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page