CVE-2014-9423 — Sensitive Information Exposure in Kerberos 5

CWE-200 — Sensitive Information Exposure CWE-212 — Improper Removal of Sensitive Information Before Storage or Transfer9 documents8 sources

Severity

5.0MEDIUMNVD

EPSS

1.5%

top 18.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

MIT Krb5 MIT Kerberos 5

Timeline

PublishedFeb 19

Latest updateMay 13

Description

The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debianmit/krb5< 1.12.1+dfsg-17+3

▶NVDmit/kerberos_510 versions+9

🔴Vulnerability Details

GHSA

GHSA-c8r5-76c4-8w9w: The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss↗2022-05-13

▶

OSV

CVE-2014-9423: The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss↗2015-02-19

▶

CVEList

CVE-2014-9423: The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss↗2015-02-19

▶

📋Vendor Advisories

Ubuntu

Kerberos vulnerabilities↗2015-02-10

▶

Red Hat

krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)↗2015-02-03

▶

Debian

CVE-2014-9423: krb5 - The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Ker...↗2014

▶

💬Community

Bugzilla

CVE-2014-5352 CVE-2014-9421 CVE-2014-9423 CVE-2014-9422 krb5: various flaws [fedora-all]↗2015-02-03

▶

Bugzilla

CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)↗2015-01-07

▶