製品・ソフトウェアに関する情報

JVN脆弱性詳細

MIT Kerberos 5 の lib/rpc/svc_auth_gss.c の svcauth_gss_accept_sec_context 関数における重要な情報を取得される脆弱性

Title	MIT Kerberos 5 の lib/rpc/svc_auth_gss.c の svcauth_gss_accept_sec_context 関数における重要な情報を取得される脆弱性
Summary	MIT Kerberos 5 (別名 krb5) の lib/rpc/svc_auth_gss.c の svcauth_gss_accept_sec_context 関数は、クライアントに初期化されていないインターポーザデータを送信するため、プロセスヒープメモリから重要な情報を取得される脆弱性が存在します。
Possible impacts	第三者により、handle フィールドのデータに対してネットワークを傍受されることで、プロセスヒープメモリから重要な情報を取得される脆弱性が存在します。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Dec. 30, 2014, midnight
Registration Date	Feb. 23, 2015, 6:09 p.m.
Last Update	June 8, 2015, 5:26 p.m.

CVSS2.0 : 警告
Score	5
Vector	AV:N/AC:L/Au:N/C:P/I:N/A:N

Affected System

MIT Kerberos

Kerberos 1.11.5 までの 1.11.x

Kerberos 1.12.2 までの 1.12.x

Kerberos 1.13.1 までの 1.13.x

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2014-9423	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
National Vulnerability Database (NVD)
2	CVE-2014-9423	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9423

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-200	https://jvndb.jvn.jp/ja/cwe/CWE-200.html

ベンダー情報

No	Name	URL
GitHub
1	Fix gssrpc data leakage [CVE-2014-9423]	https://github.com/krb5/krb5/commit/5bb8a6b9c9eb8dd22bc9526751610aaa255ead9c
MIT Kerberos
2	2015-001-patch-r113	http://web.mit.edu/kerberos/advisories/2015-001-patch-r113.txt
MIT krb5 Security Advisory
3	MITKRB5-SA-2015-001	http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt
Red Hat Security Advisory
4	RHSA-2015:0439	https://rhn.redhat.com/errata/RHSA-2015-0439.html

Change Log

No	Changed Details	Date of change
0	[2015年02月23日] 掲載 [2015年06月08日] ベンダ情報：レッドハット (RHSA-2015:0439) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2014-9423

Summary	The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.
Publication Date	Feb. 19, 2015, 8:59 p.m.
Registration Date	Jan. 26, 2021, 3:22 p.m.
Last Update	Nov. 21, 2024, 11:20 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mit:kerberos_5:1.11:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.1:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.2:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.3:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.4:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.5:::::::*
cpe:2.3:a:mit:kerberos_5:1.12:::::::*
cpe:2.3:a:mit:kerberos_5:1.12.1:::::::*
cpe:2.3:a:mit:kerberos_5:1.12.2:::::::*
cpe:2.3:a:mit:kerberos_5:1.13:::::::*

Related information, measures and tools

No	URL	タグ
1	http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151103.html
2	http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151103.html
3	http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151437.html
4	http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151437.html
5	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00011.html
6	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00011.html
7	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00016.html
8	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00016.html
9	http://lists.opensuse.org/opensuse-updates/2015-02/msg00044.html
10	http://lists.opensuse.org/opensuse-updates/2015-02/msg00044.html
11	http://rhn.redhat.com/errata/RHSA-2015-0439.html
12	http://rhn.redhat.com/errata/RHSA-2015-0439.html
13	http://web.mit.edu/kerberos/advisories/2015-001-patch-r113.txt
14	http://web.mit.edu/kerberos/advisories/2015-001-patch-r113.txt
15	http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt	Vendor Advisory
16	http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt	Vendor Advisory
17	http://www.debian.org/security/2015/dsa-3153
18	http://www.debian.org/security/2015/dsa-3153
19	http://www.mandriva.com/security/advisories?name=MDVSA-2015:069
20	http://www.mandriva.com/security/advisories?name=MDVSA-2015:069
21	http://www.securityfocus.com/bid/72503
22	http://www.securityfocus.com/bid/72503
23	http://www.ubuntu.com/usn/USN-2498-1
24	http://www.ubuntu.com/usn/USN-2498-1
25	https://github.com/krb5/krb5/commit/5bb8a6b9c9eb8dd22bc9526751610aaa255ead9c
26	https://github.com/krb5/krb5/commit/5bb8a6b9c9eb8dd22bc9526751610aaa255ead9c

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mit:kerberos_5:1.11:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.1:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.2:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.3:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.4:::::::*
cpe:2.3:a:mit:kerberos_5:1.11.5:::::::*
cpe:2.3:a:mit:kerberos_5:1.12:::::::*
cpe:2.3:a:mit:kerberos_5:1.12.1:::::::*
cpe:2.3:a:mit:kerberos_5:1.12.2:::::::*
cpe:2.3:a:mit:kerberos_5:1.13:::::::*