Bug 1469976 - (CVE-2017-11103) CVE-2017-11103 krb5: Metadata taken from the unauthenticated plaintext
CVE-2017-11103 krb5: Metadata taken from the unauthenticated plaintext
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
impact=important,public=20170711,repo...
: Security
Depends On: 1469998
Blocks: 1469977
  Show dependency treegraph
 
Reported: 2017-07-12 04:02 EDT by Andrej Nemec
Modified: 2017-07-13 16:08 EDT (History)
41 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-07-12 04:26:31 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Andrej Nemec 2017-07-12 04:02:31 EDT
A vulnerability was found in several independently developed implementations of Kerberos which caused that metadata were taken from the unauthenticated plaintext (the Ticket) rather than the authenticated and encrypted KDC response.

Proposed patch:

https://github.com/heimdal/heimdal/commit/6dd3eb836bbb80a00ffced4ad57077a1cdf227ea
Comment 1 Andrej Nemec 2017-07-12 04:04:38 EDT
External References:

https://www.orpheus-lyre.info/
Comment 2 Huzaifa S. Sidhpurwala 2017-07-12 04:26:31 EDT
Statement:

This issue does not affect the version of MIT Kerberos implementation as shipped with Red Hat Enterprise Linux. This issue also does not affect the version of Samba as shipped with Red Hat Enterprise Linux.
Comment 3 Andrej Nemec 2017-07-12 05:01:43 EDT
Created heimdal tracking bugs for this issue:

Affects: fedora-all [bug 1469998]

Note You need to log in before you can comment on or make changes to this bug.