MIT Kerberos Vulnerable to Denial-of-Service Attacks
Last revised: Sep 14, 2001
Source: The MIT Kerberos Team, CERT/CC
A complete revision history is at the end of this file.
- Systems with MIT-derived implementations of the Kerberos 4 KDC
- Systems with MIT-derived implementations of the Kerberos 5 KDC enabled to handle krb4 ticket requests
The CERT Coordination Center has recently been notified of several potential buffer overflow vulnerabilities in the Kerberos authentication software. The most severe vulnerability allows remote intruders to disrupt normal operations of the Key Distribution Center (KDC) if an attacker is able to send malformed requests to a realm's key server.
MIT reports that the following versions are vulnerable to one or more of these vulnerabilities:
- MIT Kerberos 5 releases krb5-1.0.x, krb5-1.1, krb5-1.1.1
- MIT Kerberos 4 patch 10, and probably earlier releases as well
- KerbNet (Cygnus implementation of Kerberos 5)
- Cygnus Network Security (CNS -- Cygnus implementation of Kerberos 4)
Other versions may be affected as well.
The vulnerabilities discussed in this advisory are different than the ones discussed in CA-2000-06, Multiple Buffer Overflows in Kerberos Authenticated Services. The primary difference is in the impact: the new vulnerabilities do not appear to allow remote execution of arbitrary code since the buffers being overrun are statically declared. In addition, only Kerberos 4 and Kerberos 5 KDC servers that can service version 4 ticket requests are affected by the buffer overflows discussed here.
There are at least five distinct vulnerabilities in various versions and implementations of the Kerberos software. All of these vulnerabilities may be exploited to effect denial-of-service attacks with varying degrees of severity. These vulnerabilities include
- The buffer used to hold the variable lastrealm in the function set_tgtkey() can be owerflowed.
- The buffer used to hold the variable localrealm in the function process_v4() can be overflowed.
- The buffer to hold the variable e_msg in the function kerb_err_reply() can be overflowed.
- The code that services AUTH_MSG_KDC_REQUESTs does not properly check for null-termination.
- Memory that has previously been freed may be improperly freed again, possibly resulting in unstable operation.
The MIT Kerberos Team Advisory
The MIT Kerberos Team described these vulnerabilities in more detail in an advisory they recently issued. This advisory is available at
Depending on the version of kerberos, the environment in which its running, and the particular vulnerability that is exploited, a remote attacker can cause one or more of the following:
- The KDC to issue invalid tickets for all principles,
- The KDC to generate a "principal unknown" error, or
- The KDC process to crash.
It does not appear that any of these vulnerabilities allows the execution of code by an intruder.
Additional detail can be found in the MIT advisory.
Apply a patch from your vendor
Appendix A contains information provided by vendors for this advisory. We will update the appendix as we receive more information. If you do not see your vendor's name, the CERT/CC did not hear from that vendor. Please contact your vendor directly.
Apply the MIT patches
If you are running a Kerberos distribution from MIT and can rebuild your binaries from source, you can apply the source code patches from MIT to correct these problems. These patches are available in the MIT Advisory.
If you are running other MIT-derived implementations, you need to apply the appropriate vendor patches and recompile the KDC server software.
Disable Kerberos version 4 authentication in Kerberos version 5 if possible
As suggested by MIT, krb4 authentication in some daemons can be disabled at run time by supplying command-line options to the KDC server. Optionally, the krb5 distribution may be compiled with the option '--without-krb4' to disable all krb4 ticket handling by default.
Upgrade to MIT Kerberos 5 version 1.2
The vulnerabilities described in this advisory will be addressed in Kerberos 5 version 1.2. This version will be available from the MIT Kerberos web site:
The MIT Kerberos Team advisory on this topic is available from:
BSDI is working on a patch for this problem and will announce it via our normal channels as soon as it is available.
The IBM AFS Kerberos sever shares very little actual code with the original MIT Kerberos server and the code referred to in this advisory is specifically not used. We have reviewed the equivalent functions in our code to eliminate this type of vulnerability.
Versions of kerberos which have been integrated into released versions of NetBSD and distributed as part of the optional, not-for-export "secr" sets are vulnerable to some of the problems cited in the advisory. Integration of the fixes is in progress and will be announced in a NetBSD security advisory when complete.
[...] we don't distribute client or server binaries with MIT Kerberos support.
We distribute source that allows building on UNIX and PC with MIT Kerberos. A site which wants to use Kerberos must build our software (e.g. Pine, imapd, ipopd) locally in order to use MIT Kerberos.
I did not see anything in this alert that specifically indicates a problem for [our] clients or servers. As with all other software built with MIT Kerberos, it would be prudent for a site that uses our software with MIT Kerberos to rebuild it with the patched version of MIT Kerberos.
The CERT Coordination Center thanks Tom Yu and the MIT Kerberos Team for notifying us about these problem and their help in developing this advisory.
Jeff Havrilla was the primary author of the CERT/CC portions of this document.
Copyright 2000, 2001 Carnegie Mellon University, portions Copyright 2000 MIT University.
June 9, 2000: Initial release September 14, 2001: Added IBM statement