CVE-2012-1012 Common Vulnerabilities and Exposures

Upstream information

CVE-2012-1012 at MITRE

Description

server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify or read string attributes by leveraging the global list privilege.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5.5
Vector	AV:N/AC:L/Au:S/C:P/I:P/A:N
Access Vector	Network
Access Complexity	Low
Authentication	Single
Confidentiality Impact	Partial
Integrity Impact	Partial
Availability Impact	None

SUSE Bugzilla entry: 766109 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 12:27:57 2013
CVE page last modified: Sat Jun 15 21:33:30 2024

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 12 SP1	`krb5 >= 1.12.1-19.1` `krb5-32bit >= 1.12.1-19.1` `krb5-client >= 1.12.1-19.1` `krb5-devel >= 1.12.1-19.1`	Patchnames: SUSE Linux Enterprise Desktop 12 SP1 GA krb5-1.12.1-19.1 SUSE Linux Enterprise Software Development Kit 12 SP1 GA krb5-devel-1.12.1-19.1
SUSE Linux Enterprise Desktop 12 SP2	`krb5 >= 1.12.5-39.1` `krb5-32bit >= 1.12.5-39.1` `krb5-client >= 1.12.5-39.1` `krb5-devel >= 1.12.5-39.1`	Patchnames: SUSE Linux Enterprise Desktop 12 SP2 GA krb5-1.12.5-39.1 SUSE Linux Enterprise Software Development Kit 12 SP2 GA krb5-devel-1.12.5-39.1
SUSE Linux Enterprise Desktop 12 SP3	`krb5 >= 1.12.5-39.1` `krb5-32bit >= 1.12.5-39.1` `krb5-client >= 1.12.5-39.1` `krb5-devel >= 1.12.5-39.1`	Patchnames: SUSE Linux Enterprise Desktop 12 SP3 GA krb5-1.12.5-39.1 SUSE Linux Enterprise Software Development Kit 12 SP3 GA krb5-devel-1.12.5-39.1
SUSE Linux Enterprise Desktop 12 SP4	`krb5 >= 1.12.5-40.28.2` `krb5-32bit >= 1.12.5-40.28.2` `krb5-client >= 1.12.5-40.28.2` `krb5-devel >= 1.12.5-40.28.2`	Patchnames: SUSE Linux Enterprise Desktop 12 SP4 GA krb5-1.12.5-40.28.2 SUSE Linux Enterprise Software Development Kit 12 SP4 GA krb5-devel-1.12.5-40.28.2
SUSE Linux Enterprise Desktop 12	`krb5 >= 1.12.1-6.3` `krb5-32bit >= 1.12.1-6.3` `krb5-client >= 1.12.1-6.3` `krb5-devel >= 1.12.1-6.3`	Patchnames: SUSE Linux Enterprise Desktop 12 GA krb5-1.12.1-6.3 SUSE Linux Enterprise Software Development Kit 12 GA krb5-devel-1.12.1-6.3
SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise Module for Basesystem 15	`krb5 >= 1.15.2-4.25` `krb5-32bit >= 1.15.2-4.25` `krb5-client >= 1.15.2-4.25` `krb5-devel >= 1.15.2-4.25` `krb5-plugin-preauth-otp >= 1.15.2-4.25` `krb5-plugin-preauth-pkinit >= 1.15.2-4.25`	Patchnames: SUSE Linux Enterprise Module for Basesystem 15 GA krb5-1.15.2-4.25
SUSE Linux Enterprise High Performance Computing 12 SP5	`krb5 >= 1.12.5-40.37.7` `krb5-32bit >= 1.12.5-40.37.7` `krb5-client >= 1.12.5-40.37.7` `krb5-doc >= 1.12.5-40.37.7` `krb5-plugin-kdb-ldap >= 1.12.5-40.37.7` `krb5-plugin-preauth-otp >= 1.12.5-40.37.7` `krb5-plugin-preauth-pkinit >= 1.12.5-40.37.7` `krb5-server >= 1.12.5-40.37.7`	Patchnames: SUSE Linux Enterprise High Performance Computing 12 SP5 GA krb5-1.12.5-40.37.7
SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 15	`krb5 >= 1.15.2-4.25` `krb5-32bit >= 1.15.2-4.25` `krb5-client >= 1.15.2-4.25` `krb5-devel >= 1.15.2-4.25` `krb5-plugin-kdb-ldap >= 1.15.2-4.25` `krb5-plugin-preauth-otp >= 1.15.2-4.25` `krb5-plugin-preauth-pkinit >= 1.15.2-4.25` `krb5-server >= 1.15.2-4.25`	Patchnames: SUSE Linux Enterprise Module for Basesystem 15 GA krb5-1.15.2-4.25 SUSE Linux Enterprise Module for Server Applications 15 GA krb5-plugin-kdb-ldap-1.15.2-4.25
SUSE Linux Enterprise Micro 6.0	`krb5 >= 1.20.1-4.11`	Patchnames: SUSE Linux Enterprise Micro 6.0 GA krb5-1.20.1-4.11
SUSE Linux Enterprise Module for Server Applications 15	`krb5-plugin-kdb-ldap >= 1.15.2-4.25` `krb5-server >= 1.15.2-4.25`	Patchnames: SUSE Linux Enterprise Module for Server Applications 15 GA krb5-plugin-kdb-ldap-1.15.2-4.25
SUSE Linux Enterprise Server 12 SP1	`krb5 >= 1.12.1-19.1` `krb5-32bit >= 1.12.1-19.1` `krb5-client >= 1.12.1-19.1` `krb5-devel >= 1.12.1-19.1` `krb5-doc >= 1.12.1-19.1` `krb5-plugin-kdb-ldap >= 1.12.1-19.1` `krb5-plugin-preauth-otp >= 1.12.1-19.1` `krb5-plugin-preauth-pkinit >= 1.12.1-19.1` `krb5-server >= 1.12.1-19.1`	Patchnames: SUSE Linux Enterprise Server 12 SP1 GA krb5-1.12.1-19.1 SUSE Linux Enterprise Software Development Kit 12 SP1 GA krb5-devel-1.12.1-19.1
SUSE Linux Enterprise Server 12 SP2	`krb5 >= 1.12.5-39.1` `krb5-32bit >= 1.12.5-39.1` `krb5-client >= 1.12.5-39.1` `krb5-devel >= 1.12.5-39.1` `krb5-doc >= 1.12.5-39.1` `krb5-plugin-kdb-ldap >= 1.12.5-39.1` `krb5-plugin-preauth-otp >= 1.12.5-39.1` `krb5-plugin-preauth-pkinit >= 1.12.5-39.1` `krb5-server >= 1.12.5-39.1`	Patchnames: SUSE Linux Enterprise Server 12 SP2 GA krb5-1.12.5-39.1 SUSE Linux Enterprise Software Development Kit 12 SP2 GA krb5-devel-1.12.5-39.1
SUSE Linux Enterprise Server 12 SP3	`krb5 >= 1.12.5-39.1` `krb5-32bit >= 1.12.5-39.1` `krb5-client >= 1.12.5-39.1` `krb5-devel >= 1.12.5-39.1` `krb5-doc >= 1.12.5-39.1` `krb5-plugin-kdb-ldap >= 1.12.5-39.1` `krb5-plugin-preauth-otp >= 1.12.5-39.1` `krb5-plugin-preauth-pkinit >= 1.12.5-39.1` `krb5-server >= 1.12.5-39.1`	Patchnames: SUSE Linux Enterprise Server 12 SP3 GA krb5-1.12.5-39.1 SUSE Linux Enterprise Software Development Kit 12 SP3 GA krb5-devel-1.12.5-39.1
SUSE Linux Enterprise Server 12 SP4	`krb5 >= 1.12.5-40.28.2` `krb5-32bit >= 1.12.5-40.28.2` `krb5-client >= 1.12.5-40.28.2` `krb5-devel >= 1.12.5-40.28.2` `krb5-doc >= 1.12.5-40.28.2` `krb5-plugin-kdb-ldap >= 1.12.5-40.28.2` `krb5-plugin-preauth-otp >= 1.12.5-40.28.2` `krb5-plugin-preauth-pkinit >= 1.12.5-40.28.2` `krb5-server >= 1.12.5-40.28.2`	Patchnames: SUSE Linux Enterprise Server 12 SP4 GA krb5-1.12.5-40.28.2 SUSE Linux Enterprise Software Development Kit 12 SP4 GA krb5-devel-1.12.5-40.28.2
SUSE Linux Enterprise Server 12 SP5	`krb5 >= 1.12.5-40.37.7` `krb5-32bit >= 1.12.5-40.37.7` `krb5-client >= 1.12.5-40.37.7` `krb5-devel >= 1.12.5-40.37.7` `krb5-doc >= 1.12.5-40.37.7` `krb5-plugin-kdb-ldap >= 1.12.5-40.37.7` `krb5-plugin-preauth-otp >= 1.12.5-40.37.7` `krb5-plugin-preauth-pkinit >= 1.12.5-40.37.7` `krb5-server >= 1.12.5-40.37.7`	Patchnames: SUSE Linux Enterprise Server 12 SP5 GA krb5-1.12.5-40.37.7 SUSE Linux Enterprise Software Development Kit 12 SP5 GA krb5-devel-1.12.5-40.37.7
SUSE Linux Enterprise Server 12	`krb5 >= 1.12.1-6.3` `krb5-32bit >= 1.12.1-6.3` `krb5-client >= 1.12.1-6.3` `krb5-devel >= 1.12.1-6.3` `krb5-doc >= 1.12.1-6.3` `krb5-plugin-kdb-ldap >= 1.12.1-6.3` `krb5-plugin-preauth-otp >= 1.12.1-6.3` `krb5-plugin-preauth-pkinit >= 1.12.1-6.3` `krb5-server >= 1.12.1-6.3`	Patchnames: SUSE Linux Enterprise Server 12 GA krb5-1.12.1-6.2 SUSE Linux Enterprise Software Development Kit 12 GA krb5-devel-1.12.1-6.3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	`krb5 >= 1.12.5-39.1` `krb5-client >= 1.12.5-39.1` `krb5-doc >= 1.12.5-39.1` `krb5-plugin-kdb-ldap >= 1.12.5-39.1` `krb5-plugin-preauth-otp >= 1.12.5-39.1` `krb5-plugin-preauth-pkinit >= 1.12.5-39.1` `krb5-server >= 1.12.5-39.1`	Patchnames: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA krb5-1.12.5-39.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1	`krb5-devel >= 1.12.1-19.1`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP1 GA krb5-devel-1.12.1-19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2	`krb5-devel >= 1.12.5-39.1`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP2 GA krb5-devel-1.12.5-39.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3	`krb5-devel >= 1.12.5-39.1`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP3 GA krb5-devel-1.12.5-39.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP4	`krb5-devel >= 1.12.5-40.28.2`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP4 GA krb5-devel-1.12.5-40.28.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5	`krb5-devel >= 1.12.5-40.37.7`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP5 GA krb5-devel-1.12.5-40.37.7
SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Software Development Kit 12	`krb5-devel >= 1.12.1-6.3`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 GA krb5-devel-1.12.1-6.3
openSUSE Leap 15.0	`krb5 >= 1.15.2-lp150.4.4` `krb5-32bit >= 1.15.2-lp150.4.4` `krb5-server >= 1.15.2-lp150.4.4`	Patchnames: openSUSE Leap 15.0 GA krb5-1.15.2-lp150.4.4
openSUSE Tumbleweed	`krb5 >= 1.15-1.1` `krb5-32bit >= 1.15-1.1` `krb5-client >= 1.15-1.1` `krb5-devel >= 1.15-1.1` `krb5-devel-32bit >= 1.15-1.1` `krb5-doc >= 1.15-1.1` `krb5-mini >= 1.15-1.1` `krb5-mini-devel >= 1.15-1.1` `krb5-plugin-kdb-ldap >= 1.15-1.1` `krb5-plugin-preauth-otp >= 1.15-1.1` `krb5-plugin-preauth-pkinit >= 1.15-1.1` `krb5-server >= 1.15-1.1`	Patchnames: openSUSE-Tumbleweed-2024-10004