Source: krb5
Version: 1.12.1+dfsg-19
Tags: security

Two errors in krb5-otp and krb5-pkinit can interact to allow an attacker to get a ciphertext in a long-term (potentially password-derived) key without properly pre-authenticating, allowing for an offline brute-force attack.
It is believed that both components must be present to trigger the bug; upstream's commit message for the fix (included below) is written on the assumption that the OTP functionality is part of the base KDC, but in Debian we provide it in a separate package, krb5-otp.

-Ben

Prevent requires_preauth bypass [CVE-2015-2694]

In the OTP kdcpreauth module, don't set the TKT_FLG_PRE_AUTH bit until the request is successfully verified. In the PKINIT kdcpreauth module, don't respond with code 0 on empty input or an unconfigured realm. Together these bugs could cause the KDC preauth framework to erroneously treat a request as pre-authenticated.

CVE-2015-2694:

In MIT krb5 1.12 and later, when the KDC is configured with PKINIT support, an unauthenticated remote attacker can bypass the requires_preauth flag on a client principal and obtain a ciphertext encrypted in the principal's long-term key. This ciphertext could be used to conduct an off-line dictionary attack against the user's password.

CVSSv2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:POC/RL:OF/RC:C
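The interaction the commit message describes, as an added illustration that is not krb5 source and is not part of this bug report: the KDC preauth framework, the OTP and PKINIT kdcpreauth modules and the RADIUS backend are each reduced to a few lines. The model assumes that the framework rejects a request when no module reported success (return code 0) and that the requires_preauth decision is then taken from the TKT_FLG_PRE_AUTH bit on the ticket being built, which only the modules set. The OTP value, the padata contents, the "unconfigured realm" setting and the specific error codes returned by the patched modules are constructed for the example; the `fixed` switch selects the pre-fix or patched module behaviour so both can be compared on the same request.

```c
/* Model of the CVE-2015-2694 preauth interaction (added example, not krb5 code). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TKT_FLG_PRE_AUTH 0x00200000u           /* ticket flag value as in krb5.h */
#define KRB5KDC_ERR_PREAUTH_FAILED   24
#define KRB5KDC_ERR_PREAUTH_REQUIRED 25

enum { PA_OTP_REQUEST = 141, PA_PK_AS_REQ = 16 };   /* padata types, RFC 6560 / RFC 4556 */

struct padata { int type; const char *data; size_t len; };

struct kdc {
    int fixed;                 /* 0: pre-fix module behaviour, 1: patched behaviour */
    int realm_has_pkinit;      /* is PKINIT configured for this realm? */
    const char *expected_otp;  /* constructed stand-in for the RADIUS backend */
    uint32_t tkt_flags;        /* models enc_tkt_reply->flags */
};

/* OTP module: pre-fix, the PRE_AUTH bit was set before the token was checked. */
static int otp_verify(struct kdc *k, const struct padata *pa)
{
    if (!k->fixed)
        k->tkt_flags |= TKT_FLG_PRE_AUTH;      /* bug: flag set before verification */
    if (pa->len != strlen(k->expected_otp) ||
        memcmp(pa->data, k->expected_otp, pa->len) != 0)
        return KRB5KDC_ERR_PREAUTH_FAILED;      /* RADIUS said no; flag stays set pre-fix */
    k->tkt_flags |= TKT_FLG_PRE_AUTH;          /* patched: only after success */
    return 0;
}

/* PKINIT module: pre-fix, empty input or an unconfigured realm "succeeded" with 0. */
static int pkinit_verify(struct kdc *k, const struct padata *pa)
{
    if (!k->realm_has_pkinit || pa->len == 0)
        return k->fixed ? KRB5KDC_ERR_PREAUTH_FAILED : 0;   /* error code is an assumption */
    /* Certificate verification is out of scope here: treat any real PK-AS-REQ as failing. */
    return KRB5KDC_ERR_PREAUTH_FAILED;
}

/* Framework (assumed behaviour): every padata goes to its module; reject if none
 * returned 0; then the requires_preauth check consults TKT_FLG_PRE_AUTH.
 * Return 0 means an AS-REP encrypted in the client's long-term key is sent. */
int process_as_req(struct kdc *k, const struct padata *pas, size_t n)
{
    int pa_found = 0;
    size_t i;
    k->tkt_flags = 0;
    for (i = 0; i < n; i++) {
        int ret;
        switch (pas[i].type) {
        case PA_OTP_REQUEST: ret = otp_verify(k, &pas[i]);    break;
        case PA_PK_AS_REQ:   ret = pkinit_verify(k, &pas[i]); break;
        default:             continue;                         /* unknown type: ignored */
        }
        if (ret == 0)
            pa_found = 1;
    }
    if (!pa_found)
        return KRB5KDC_ERR_PREAUTH_FAILED;
    if (!(k->tkt_flags & TKT_FLG_PRE_AUTH))    /* client principal has requires_preauth */
        return KRB5KDC_ERR_PREAUTH_REQUIRED;
    return 0;
}

static int run(int fixed, int realm_has_pkinit, const struct padata *pas, size_t n)
{
    struct kdc k = { fixed, realm_has_pkinit, "493812", 0 };   /* constructed OTP value */
    return process_as_req(&k, pas, n);
}

/* Wrong OTP plus an empty PK-AS-REQ against a realm without PKINIT configuration. */
int attacker_request(int fixed)
{
    static const struct padata pas[] = { { PA_OTP_REQUEST, "000000", 6 }, { PA_PK_AS_REQ, "", 0 } };
    return run(fixed, 0, pas, 2);
}
/* The two halves on their own, to show that each bug alone is not enough. */
int wrong_otp_only(int fixed)
{
    static const struct padata pas[] = { { PA_OTP_REQUEST, "000000", 6 } };
    return run(fixed, 0, pas, 1);
}
int empty_pkinit_only(int fixed)
{
    static const struct padata pas[] = { { PA_PK_AS_REQ, "", 0 } };
    return run(fixed, 0, pas, 1);
}
/* A correct OTP must keep working after the fix. */
int legit_otp_request(int fixed)
{
    static const struct padata pas[] = { { PA_OTP_REQUEST, "493812", 6 } };
    return run(fixed, 0, pas, 1);
}

int main(void)
{
    printf("attacker, pre-fix: %d  patched: %d\n", attacker_request(0), attacker_request(1));
    printf("wrong OTP only:    %d  empty PKINIT only: %d\n", wrong_otp_only(0), empty_pkinit_only(0));
    printf("legit OTP, pre-fix: %d  patched: %d\n", legit_otp_request(0), legit_otp_request(1));
    return 0;
}
```

With the pre-fix modules the combined request returns 0, i.e. the ciphertext goes out, while either half alone is refused (no successful module, or no PRE_AUTH bit). With the patched modules the same request fails at the first check, and a genuine OTP still succeeds.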