Vigil@nce - MIT krb5: denial of service of KDC via PKINIT KDF
March 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send a malformed packet to MIT krb5 in order to crash
the KDC (Key Distribution Center) process.
Impacted products: Fedora, MIT krb5
Severity: 2/4
Creation date: 04/03/2013
DESCRIPTION OF THE VULNERABILITY
The PKINIT (Public Key Cryptography for Initial Authentication)
protocol lets a client authenticate with an X.509 certificate or a
smart card instead of a password. On the KDC, the PKINIT preauth
plugin is enabled when the kdc.conf/krb5.conf configuration contains
pkinit_identity and pkinit_anchors; a KDC without these settings does
not process PKINIT requests and is not exposed.
The KDF (Key Derivation Function) agility extension adds a kdfID
field to the PKINIT reply; the older Draft 9 format predates it and
is still accepted by the KDC for compatibility. When the KDC handles
a PKINIT Draft 9 request, the pkinit_server_return_padata() function
in plugins/preauth/pkinit/pkinit_srv.c dereferences
"rep->u.dh_Info.kdfID". However, on that path the pointer it walks
through can be NULL, and the dereference terminates the KDC process.
An attacker can therefore send a malformed packet to MIT krb5 in
order to stop the KDC.
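The failure pattern described above, as an added illustration that is
not code from the bulletin or from MIT krb5: a cleanup routine frees an
optional nested pointer (the KDF identifier) while assuming the outer
reply structure is always present, so the legacy Draft 9 path, which
never allocates that structure, dereferences NULL. The struct layout,
the build_reply()/cleanup_*() functions and the sample request shapes are
assumptions made for this example; the bulletin does not state which
link of the pointer chain is NULL in the real code, so the hardened form
checks every link.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, simplified mirror of the two reply shapes the KDC can build:
 * an RFC 4556 reply (rep) carrying an optional KDF identifier, and a Draft 9
 * reply (rep9) that has no KDF field. Field names follow the bulletin; the
 * layout is an assumption for this example, not krb5's own types. */
typedef struct {
    char *data;       /* dotted OID string of the negotiated KDF */
    size_t length;
} kdf_oid_t;

typedef struct {
    int choice;
    struct {
        struct {
            kdf_oid_t *kdfID;   /* optional: NULL when no KDF was negotiated */
        } dh_Info;
    } u;
} pa_pk_as_rep_t;

typedef struct {
    int choice;
} pa_pk_as_rep_draft9_t;

/* One response in flight: exactly one of rep / rep9 is allocated. */
typedef struct {
    pa_pk_as_rep_t *rep;
    pa_pk_as_rep_draft9_t *rep9;
} pkinit_reply_t;

/* Build the reply for a constructed request. draft9 != 0 models a legacy
 * Draft 9 AS-REQ, which selects rep9 and leaves rep == NULL. */
static pkinit_reply_t build_reply(int draft9, int with_kdf)
{
    static const char sample_oid[] = "1.3.6.1.5.2.3.6.1"; /* constructed sample OID */
    pkinit_reply_t r = { NULL, NULL };

    if (draft9) {
        r.rep9 = calloc(1, sizeof *r.rep9);
        return r;
    }
    r.rep = calloc(1, sizeof *r.rep);
    if (with_kdf) {
        kdf_oid_t *k = calloc(1, sizeof *k);
        k->length = sizeof sample_oid - 1;
        k->data = malloc(k->length + 1);
        memcpy(k->data, sample_oid, k->length + 1);
        r.rep->u.dh_Info.kdfID = k;
    }
    return r;
}

/* Vulnerable pattern: frees the KDF identifier assuming rep is always present.
 * On the Draft 9 path rep is NULL, so the first test dereferences NULL and the
 * process dies. Returns the number of kdfID objects freed (0 or 1). */
static int cleanup_vulnerable(pkinit_reply_t *r)
{
    int freed = 0;
    if (r->rep->u.dh_Info.kdfID != NULL) {      /* crashes when r->rep == NULL */
        free(r->rep->u.dh_Info.kdfID->data);
        free(r->rep->u.dh_Info.kdfID);
        freed = 1;
    }
    free(r->rep);
    free(r->rep9);
    r->rep = NULL;
    r->rep9 = NULL;
    return freed;
}

/* Hardened pattern: every link of the chain is checked before it is followed,
 * so a Draft 9 request (rep == NULL) and an RFC 4556 request without a KDF
 * (kdfID == NULL) both clean up without touching NULL. Same return value. */
static int cleanup_hardened(pkinit_reply_t *r)
{
    int freed = 0;
    if (r->rep != NULL && r->rep->u.dh_Info.kdfID != NULL) {
        free(r->rep->u.dh_Info.kdfID->data);
        free(r->rep->u.dh_Info.kdfID);
        r->rep->u.dh_Info.kdfID = NULL;
        freed = 1;
    }
    free(r->rep);
    free(r->rep9);
    r->rep = NULL;
    r->rep9 = NULL;
    return freed;
}

int main(void)
{
    pkinit_reply_t a = build_reply(0, 1);
    printf("RFC 4556 request with KDF, hardened cleanup: freed %d kdfID\n",
           cleanup_hardened(&a));
    pkinit_reply_t b = build_reply(1, 0);
    printf("Draft 9 request, hardened cleanup: freed %d kdfID (rep was NULL)\n",
           cleanup_hardened(&b));
    /* cleanup_vulnerable() on a Draft 9 reply would dereference NULL here. */
    return 0;
}
```

Both cleanup functions behave identically whenever rep is present; the
only difference is the extra NULL test on the outer pointer, which is
exactly the class of check a reviewer should look for on every error or
cleanup path that frees optional nested data.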
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/MIT-krb5-denial-of-service-of-KDC-via-PKINIT-KDF-12476