CVE-2020-10595: Buffer Overflow
First published: Tue Mar 31 2020(Updated: )
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pam-krb5 Project Pam-krb5 | <4.9 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| ubuntu/libpam-krb5 | <4.8-1ubuntu0.1 | 4.8-1ubuntu0.1 |
| ubuntu/libpam-krb5 | <4.8-2ubuntu0.1 | 4.8-2ubuntu0.1 |
| ubuntu/libpam-krb5 | <4.6-2ubuntu0.1~ | 4.6-2ubuntu0.1~ |
| ubuntu/libpam-krb5 | <4.7-2ubuntu0.1 | 4.7-2ubuntu0.1 |
| debian/libpam-krb5 | 4.9-2 4.11-1 4.11-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2020/03/31/1
- https://github.com/rra/pam-krb5/commit/e7879e27a37119fad4faf133a9f70bdcdc75d760
- https://lists.debian.org/debian-lts-announce/2020/04/msg00000.html
- https://usn.ubuntu.com/4314-1/
- https://www.debian.org/security/2020/dsa-4648
- https://www.eyrie.org/~eagle/software/pam-krb5/security/2020-03-30.html
- https://launchpad.net/bugs/cve/CVE-2020-10595
- https://www.openwall.com/lists/oss-security/2020/03/31/1
- https://security-tracker.debian.org/tracker/CVE-2020-10595
- https://ubuntu.com/security/notices/USN-4314-1
- https://www.cve.org/CVERecord?id=CVE-2020-10595
- https://nvd.nist.gov/vuln/detail/CVE-2020-10595
- https://ubuntu.com/security/CVE-2020-10595
- collector/nvd-index
- agent/type
- collector/launchpad-cve
- source/Launchpad
- agent/remedy
- agent/author
- agent/first-publish-date
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/softwarecombine
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/trending
- vendor/pam-krb5 project
- canonical/pam-krb5 project pam-krb5
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- package-manager/ubuntu
- package-manager/debian