1
PublicDateAtUSN: 2014-10-09
2
Candidate: CVE-2014-5351
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351
6
https://usn.ubuntu.com/usn/usn-2498-1
8
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in
9
kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a
10
response to a -randkey -keepold request, which allows remote authenticated
11
users to forge tickets by leveraging administrative access.
15
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762479
16
http://krbdev.mit.edu/rt/Ticket/Display.html?id=8018
21
Tags_krb5: universe-binary
23
upstream: https://github.com/krb5/krb5/commit/af0ed4df4dfae762ab5fb605f5a0c8f59cb4f6ca
24
upstream_krb5: released (1.12.1+dfsg-10)
25
lucid_krb5: released (1.8.1+dfsg-2ubuntu0.14)
26
precise_krb5: released (1.10+dfsg~beta1-2ubuntu0.6)
27
trusty_krb5: released (1.12+dfsg-2ubuntu5.1)
28
utopic_krb5: not-affected (1.12.1+dfsg-10)
29
devel_krb5: not-affected (1.12.1+dfsg-16)