CVE-2015-3206

Name: CVE-2015-3206
Description: The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other unspecified impact by performing a man-in-the-middle attack.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
References: DLA-265-1, DLA-265-2
NVD severity: medium (attack range: remote)
Debian Bugs: 796195

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package    Release      Version                Status
pykerberos (PTS)  wheezy       1.1+svn4895-1+deb7u1   fixed
                  jessie       1.1.5-0.1+deb8u1       fixed
                  stretch      1.1.5-2                fixed
                  buster, sid  1.1.14-1               fixed

The information below is based on the following data on fixed versions.

Package     Type    Release     Fixed Version          Urgency  Origin     Debian Bugs
pykerberos  source  (unstable)  1.1.5-1                medium              796195
pykerberos  source  jessie      1.1.5-0.1+deb8u1       medium
pykerberos  source  squeeze     1.1+svn4895-1+deb6u2   medium   DLA-265-2
pykerberos  source  wheezy      1.1+svn4895-1+deb7u1   medium

Notes

The CVE was originally assigned to python-kerberos; pykerberos is a fork of the former.
KDC verification support was added to pykerberos in https://github.com/02strich/pykerberos/commit/02d13860b25fab58e739f0e000bed0067b7c6f9c
Using the above code as is might break existing installations, since krb5_verify_init_creds needs a keytab holding a key for a service principal of the local host in order to verify the KDC; without such a keytab, checkPassword with verification enabled cannot succeed.
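The following is an added illustration, not code from pykerberos or from the commit above. It models why a password check that only performs the AS exchange can be satisfied by anyone who can answer as the KDC, and how the extra krb5_verify_init_creds step (fetching a ticket for a service whose key the host holds in its keytab) closes that hole. seal()/open_sealed() are an HMAC stand-in for a Kerberos enctype, the realm, principals and passwords are made up, and the KDC classes are a toy, not a real protocol implementation; the keytab requirement from the note above shows up as the RuntimeError raised when the host has no key for the service.

```python
"""Toy model of the CVE-2015-3206 KDC-spoofing problem (constructed example, not
pykerberos code). seal()/open_sealed() stand in for a Kerberos enctype with an
HMAC tag only; realm, principals and passwords are made up."""
import hashlib
import hmac
import secrets


def string_to_key(password: str, realm: str, principal: str) -> bytes:
    # Kerberos AES string-to-key is PBKDF2 salted with realm + principal;
    # the iteration count is arbitrary for the toy.
    salt = (realm + principal).encode()
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 4096)


def seal(key: bytes, payload: bytes):
    """Returns (payload, tag); only a holder of key can produce a valid tag."""
    return payload, hmac.new(key, payload, hashlib.sha256).digest()


def open_sealed(key: bytes, sealed):
    payload, tag = sealed
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, expected) else None


class KDC:
    """The realm's real KDC: holds every user key, service key and the krbtgt key."""
    def __init__(self, realm, user_passwords, service_keys):
        self.realm = realm
        self.user_keys = {u: string_to_key(p, realm, u) for u, p in user_passwords.items()}
        self.service_keys = dict(service_keys)
        self.krbtgt_key = secrets.token_bytes(32)

    def as_req(self, user):
        if user not in self.user_keys:
            return None
        # AS-REP: enc-part under the user's key, TGT under the krbtgt key.
        enc_part = seal(self.user_keys[user], secrets.token_bytes(32))
        return enc_part, seal(self.krbtgt_key, user.encode())

    def tgs_req(self, tgt, service):
        user = open_sealed(self.krbtgt_key, tgt)
        if user is None or service not in self.service_keys:
            return None
        return seal(self.service_keys[service], b"ticket for " + user)


class SpoofedKDC:
    """Attacker's fake KDC on the network path: answers any AS-REQ under the key
    derived from a password the attacker chose, but holds no service keys."""
    def __init__(self, realm, chosen_password):
        self.realm, self.chosen = realm, chosen_password

    def as_req(self, user):
        key = string_to_key(self.chosen, self.realm, user)
        return seal(key, secrets.token_bytes(32)), seal(secrets.token_bytes(32), b"fake")

    def tgs_req(self, tgt, service):
        return seal(secrets.token_bytes(32), b"forged")  # cannot know the service key


def check_password_unverified(kdc, user, password) -> bool:
    """Pre-fix behaviour: only checks that the AS-REP opens under the
    password-derived key, which any KDC impersonator can arrange."""
    reply = kdc.as_req(user)
    if reply is None:
        return False
    enc_part, _tgt = reply
    return open_sealed(string_to_key(password, kdc.realm, user), enc_part) is not None


def check_password_verified(kdc, user, password, service, keytab) -> bool:
    """Adds the krb5_verify_init_creds step: obtain a ticket for a service whose
    key this host holds in its keytab and check that it opens under that key."""
    if service not in keytab:
        raise RuntimeError(f"no keytab entry for {service}; cannot authenticate the KDC")
    reply = kdc.as_req(user)
    if reply is None:
        return False
    enc_part, tgt = reply
    if open_sealed(string_to_key(password, kdc.realm, user), enc_part) is None:
        return False
    ticket = kdc.tgs_req(tgt, service)
    return ticket is not None and open_sealed(keytab[service], ticket) is not None


def demo() -> dict:
    realm, user, pw, svc = "EXAMPLE.ORG", "alice", "correct horse", "host/www.example.org"
    keytab = {svc: secrets.token_bytes(32)}  # the host's keytab, shared with the real KDC
    real = KDC(realm, {user: pw}, keytab)
    spoof = SpoofedKDC(realm, "attacker-chosen")
    return {
        "real_kdc_right_pw": check_password_unverified(real, user, pw),
        "real_kdc_wrong_pw": check_password_unverified(real, user, "guess"),
        "spoof_unverified": check_password_unverified(spoof, user, "attacker-chosen"),
        "real_kdc_verified": check_password_verified(real, user, pw, svc, keytab),
        "spoof_verified": check_password_verified(spoof, user, "attacker-chosen", svc, keytab),
    }
```

demo() shows the point of the CVE: with the spoofed KDC in the path, the unverified check accepts the attacker's own password for any account, while the verified check rejects it because the attacker cannot mint a ticket under the host's service key. The same verified check fails hard when the host has no keytab entry for the service, which is the compatibility concern raised in the note above.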
