Vulnerability-Lookup

CVE-2017-11103 (GCVE-0-2017-11103)

Vulnerability from cvelistv5 – Published: 2017-07-13 13:00 – Updated: 2024-08-05 17:57

Summary

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://support.apple.com/HT208221	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3912	vendor-advisoryx_refsource_DEBIAN
	https://support.apple.com/HT208144	x_refsource_CONFIRM
	https://www.orpheus-lyre.info/	x_refsource_MISC
	https://www.freebsd.org/security/advisories/FreeB…	vendor-advisoryx_refsource_FREEBSD
	http://www.securityfocus.com/bid/99551	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1039427	vdb-entryx_refsource_SECTRACK
	https://www.samba.org/samba/security/CVE-2017-111…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038876	vdb-entryx_refsource_SECTRACK
	https://support.apple.com/HT208112	x_refsource_CONFIRM
	https://github.com/heimdal/heimdal/releases/tag/h…	x_refsource_CONFIRM
	http://www.h5l.org/advisories.html?show=2017-07-11	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:57.836Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "DSA-3912",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3912"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208144"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.orpheus-lyre.info/"
          },
          {
            "name": "FreeBSD-SA-17:05",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc"
          },
          {
            "name": "99551",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99551"
          },
          {
            "name": "1039427",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039427"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
          },
          {
            "name": "1038876",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038876"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208112"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.h5l.org/advisories.html?show=2017-07-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus\u0027 Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in \u0027enc_part\u0027 instead of the unencrypted version stored in \u0027ticket\u0027. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-20T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "DSA-3912",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3912"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208144"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.orpheus-lyre.info/"
        },
        {
          "name": "FreeBSD-SA-17:05",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc"
        },
        {
          "name": "99551",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99551"
        },
        {
          "name": "1039427",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039427"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
        },
        {
          "name": "1038876",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038876"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208112"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.h5l.org/advisories.html?show=2017-07-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11103",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus\u0027 Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in \u0027enc_part\u0027 instead of the unencrypted version stored in \u0027ticket\u0027. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "DSA-3912",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3912"
            },
            {
              "name": "https://support.apple.com/HT208144",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208144"
            },
            {
              "name": "https://www.orpheus-lyre.info/",
              "refsource": "MISC",
              "url": "https://www.orpheus-lyre.info/"
            },
            {
              "name": "FreeBSD-SA-17:05",
              "refsource": "FREEBSD",
              "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc"
            },
            {
              "name": "99551",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99551"
            },
            {
              "name": "1039427",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039427"
            },
            {
              "name": "https://www.samba.org/samba/security/CVE-2017-11103.html",
              "refsource": "CONFIRM",
              "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
            },
            {
              "name": "1038876",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038876"
            },
            {
              "name": "https://support.apple.com/HT208112",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208112"
            },
            {
              "name": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0",
              "refsource": "CONFIRM",
              "url": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0"
            },
            {
              "name": "http://www.h5l.org/advisories.html?show=2017-07-11",
              "refsource": "CONFIRM",
              "url": "http://www.h5l.org/advisories.html?show=2017-07-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11103",
    "datePublished": "2017-07-13T13:00:00.000Z",
    "dateReserved": "2017-07-07T00:00:00.000Z",
    "dateUpdated": "2024-08-05T17:57:57.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CNVD-2017-16980

Vulnerability from cnvd - Published: 2017-07-27

Title

Heimdal中间人安全限制绕过漏洞

Description

Heimdal是一种Kerberos 5实现，主要在瑞典开发。 Heimdal在获取服务协议名时，违反了Kerberos 5协议规定，允许远程攻击者利用漏洞提交特殊的请求，绕过某些安全限制，执行未授权操作。

Severity

中

Patch Name

Heimdal中间人安全限制绕过漏洞的补丁

Patch Description

Heimdal是一种Kerberos 5实现，主要在瑞典开发。 Heimdal在获取服务协议名时，违反了Kerberos 5协议规定，允许远程攻击者利用漏洞提交特殊的请求，绕过某些安全限制，执行未授权操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0

Reference

http://www.securityfocus.com/bid/99551

Impacted products

Name
h5l Heimdal <7.4

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "99551"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-11103"
    }
  },
  "description": "Heimdal\u662f\u4e00\u79cdKerberos 5\u5b9e\u73b0\uff0c\u4e3b\u8981\u5728\u745e\u5178\u5f00\u53d1\u3002\r\n\r\nHeimdal\u5728\u83b7\u53d6\u670d\u52a1\u534f\u8bae\u540d\u65f6\uff0c\u8fdd\u53cd\u4e86Kerberos 5\u534f\u8bae\u89c4\u5b9a\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002",
  "discovererName": "h5l",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-16980",
  "openTime": "2017-07-27",
  "patchDescription": "Heimdal\u662f\u4e00\u79cdKerberos 5\u5b9e\u73b0\uff0c\u4e3b\u8981\u5728\u745e\u5178\u5f00\u53d1\u3002\r\n\r\nHeimdal\u5728\u83b7\u53d6\u670d\u52a1\u534f\u8bae\u540d\u65f6\uff0c\u8fdd\u53cd\u4e86Kerberos 5\u534f\u8bae\u89c4\u5b9a\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Heimdal\u4e2d\u95f4\u4eba\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "h5l Heimdal \u003c7.4"
  },
  "referenceLink": "http://www.securityfocus.com/bid/99551",
  "serverity": "\u4e2d",
  "submitTime": "2017-07-17",
  "title": "Heimdal\u4e2d\u95f4\u4eba\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2017-11103

Vulnerability from fstec - Published: 13.07.2017

Title

Уязвимость функции _krb5_extract_ticket() пакета программ сетевого взаимодействия Samba, связанная с недостатком механизма проверки подлинности данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Description

Уязвимость функции _krb5_extract_ticket() пакета программ сетевого взаимодействия Samba связана с недостатком механизма проверки подлинности данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», Samba Team, Apple Inc.

Software Name

Debian GNU/Linux, Astra Linux Common Edition (запись в едином реестре российских программ №4433), Samba, iOS, OS X

Software Version

9 (Debian GNU/Linux), 2.12 «Орёл» (Astra Linux Common Edition), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), от 4.0.0 до 4.4.15 (Samba), от 4.5.0 до 4.5.12 (Samba), от 4.6.0 до 4.6.6 (Samba), до 11.0 (iOS), до 10.13.1 (OS X)

Possible Mitigations

Использование рекомендаций: Для Samba: Обновление программного обеспечения до 4.5.2 или более поздней версии Для Debian: Обновление программного обеспечения (пакета samba) до 2:4.2.14+dfsg-0+deb8u2 или более поздней версии Для Astra Linux: Обновление программного обеспечения (пакета samba) до 2:4.2.14+dfsg-0+deb8u2 или более поздней версии Для программных продуктов Apple Inc.: https://support.apple.com/HT208112 https://support.apple.com/HT208144 https://support.apple.com/HT208221

Reference

http://www.securityfocus.com/bid/99551 http://www.securitytracker.com/id/1038876 http://www.securitytracker.com/id/1039427 https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0 https://nvd.nist.gov/vuln/detail/CVE-2017-11103 https://security-tracker.debian.org/tracker/CVE-2017-11103 https://support.apple.com/HT208112 https://support.apple.com/HT208144 https://support.apple.com/HT208221 https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc https://www.orpheus-lyre.info/ https://www.samba.org/samba/security/CVE-2017-11103.html

CWE

CWE-345

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Samba Team, Apple Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 2.12 \u00ab\u041e\u0440\u0451\u043b\u00bb (Astra Linux Common Edition), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), \u043e\u0442 4.0.0 \u0434\u043e 4.4.15 (Samba), \u043e\u0442 4.5.0 \u0434\u043e 4.5.12 (Samba), \u043e\u0442 4.6.0 \u0434\u043e 4.6.6 (Samba), \u0434\u043e 11.0 (iOS), \u0434\u043e 10.13.1 (OS X)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Samba:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 4.5.2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 samba) \u0434\u043e 2:4.2.14+dfsg-0+deb8u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Astra Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 samba) \u0434\u043e 2:4.2.14+dfsg-0+deb8u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Apple Inc.:\nhttps://support.apple.com/HT208112 \nhttps://support.apple.com/HT208144 \nhttps://support.apple.com/HT208221",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "13.07.2017",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.03.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-01424",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2017-11103",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Samba, iOS, OS X",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 2.12 \u00ab\u041e\u0440\u0451\u043b\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Apple Inc. iOS \u0434\u043e 11.0 , Apple Inc. OS X \u0434\u043e 10.13.1 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 _krb5_extract_ticket() \u043f\u0430\u043a\u0435\u0442\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f Samba, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-345)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 _krb5_extract_ticket() \u043f\u0430\u043a\u0435\u0442\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f Samba \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041f\u043e\u0434\u043c\u0435\u043d\u0430 \u043f\u0440\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.securityfocus.com/bid/99551\nhttp://www.securitytracker.com/id/1038876\nhttp://www.securitytracker.com/id/1039427\nhttps://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-11103\nhttps://security-tracker.debian.org/tracker/CVE-2017-11103\nhttps://support.apple.com/HT208112\nhttps://support.apple.com/HT208144\nhttps://support.apple.com/HT208221\nhttps://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc\nhttps://www.orpheus-lyre.info/\nhttps://www.samba.org/samba/security/CVE-2017-11103.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-345",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,1)"
}

CERTFR-2017-AVI-320

Vulnerability from certfr_avis - Published: 2017-09-26 - Updated: 2017-09-26

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	macOS	macOS Server versions antérieures à 5.4
Apple	macOS	macOS High Sierra versions antérieures à 10.13
Apple	N/A	iCloud pour Windows versions antérieures à 7.0

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT208102 du 25 septembre 2017	None	vendor-advisory
Bulletin de sécurité Apple HT208142 du 25 septembre 2017	None	vendor-advisory
Bulletin de sécurité Apple HT208144 du 25 septembre 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "macOS Server versions ant\u00e9rieures \u00e0 5.4",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-7127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7127"
    },
    {
      "name": "CVE-2017-7129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7129"
    },
    {
      "name": "CVE-2017-9233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9233"
    },
    {
      "name": "CVE-2017-7091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7091"
    },
    {
      "name": "CVE-2017-7121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7121"
    },
    {
      "name": "CVE-2017-7128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7128"
    },
    {
      "name": "CVE-2016-9842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9842"
    },
    {
      "name": "CVE-2017-7098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7098"
    },
    {
      "name": "CVE-2017-0381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-0381"
    },
    {
      "name": "CVE-2017-7104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7104"
    },
    {
      "name": "CVE-2017-7111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7111"
    },
    {
      "name": "CVE-2017-7102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7102"
    },
    {
      "name": "CVE-2017-10979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10979"
    },
    {
      "name": "CVE-2017-7081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7081"
    },
    {
      "name": "CVE-2017-7120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7120"
    },
    {
      "name": "CVE-2017-7141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7141"
    },
    {
      "name": "CVE-2016-9840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9840"
    },
    {
      "name": "CVE-2017-7114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7114"
    },
    {
      "name": "CVE-2017-10978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10978"
    },
    {
      "name": "CVE-2017-7117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7117"
    },
    {
      "name": "CVE-2017-7126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7126"
    },
    {
      "name": "CVE-2017-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7084"
    },
    {
      "name": "CVE-2017-6451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6451"
    },
    {
      "name": "CVE-2016-9063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9063"
    },
    {
      "name": "CVE-2017-7093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7093"
    },
    {
      "name": "CVE-2017-7138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7138"
    },
    {
      "name": "CVE-2017-7094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7094"
    },
    {
      "name": "CVE-2016-9843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
    },
    {
      "name": "CVE-2017-7109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7109"
    },
    {
      "name": "CVE-2017-7099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7099"
    },
    {
      "name": "CVE-2017-7087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7087"
    },
    {
      "name": "CVE-2017-7078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7078"
    },
    {
      "name": "CVE-2017-7077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7077"
    },
    {
      "name": "CVE-2017-7122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7122"
    },
    {
      "name": "CVE-2017-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7083"
    },
    {
      "name": "CVE-2017-7074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7074"
    },
    {
      "name": "CVE-2017-7080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7080"
    },
    {
      "name": "CVE-2017-7130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7130"
    },
    {
      "name": "CVE-2017-6455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6455"
    },
    {
      "name": "CVE-2017-7125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7125"
    },
    {
      "name": "CVE-2016-9841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9841"
    },
    {
      "name": "CVE-2017-6463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6463"
    },
    {
      "name": "CVE-2017-7119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7119"
    },
    {
      "name": "CVE-2017-7089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7089"
    },
    {
      "name": "CVE-2017-7096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7096"
    },
    {
      "name": "CVE-2017-6464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6464"
    },
    {
      "name": "CVE-2017-7095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7095"
    },
    {
      "name": "CVE-2017-7123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7123"
    },
    {
      "name": "CVE-2017-1000373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000373"
    },
    {
      "name": "CVE-2017-7086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7086"
    },
    {
      "name": "CVE-2017-7090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7090"
    },
    {
      "name": "CVE-2017-7100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7100"
    },
    {
      "name": "CVE-2017-7106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7106"
    },
    {
      "name": "CVE-2017-6459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6459"
    },
    {
      "name": "CVE-2017-7092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7092"
    },
    {
      "name": "CVE-2017-7143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7143"
    },
    {
      "name": "CVE-2017-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7082"
    },
    {
      "name": "CVE-2017-7107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7107"
    },
    {
      "name": "CVE-2017-6452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6452"
    },
    {
      "name": "CVE-2017-11103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
    },
    {
      "name": "CVE-2017-6462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6462"
    },
    {
      "name": "CVE-2017-6460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6460"
    },
    {
      "name": "CVE-2017-7124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7124"
    },
    {
      "name": "CVE-2017-6458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6458"
    },
    {
      "name": "CVE-2017-10989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10989"
    },
    {
      "name": "CVE-2016-9042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9042"
    }
  ],
  "initial_release_date": "2017-09-26T00:00:00",
  "last_revision_date": "2017-09-26T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-320",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2017-09-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208102 du 25 septembre 2017",
      "url": "https://support.apple.com/fr-fr/HT208102"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208142 du 25 septembre 2017",
      "url": "https://support.apple.com/fr-fr/HT208142"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208144 du 25 septembre 2017",
      "url": "https://support.apple.com/fr-fr/HT208144"
    }
  ]
}

CERTFR-2017-AVI-385

Vulnerability from certfr_avis - Published: 2017-11-02 - Updated: 2017-11-02

De multiples vulnérabilités ont été découvertes dans les produits Apple . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	iOS versions antérieures à 11.1
Apple	N/A	watchOS versions antérieures à 4.1
Apple	macOS	macOS Sierra versions sans le correctif de sécurité 2017-001
Apple	N/A	tvOS versions antérieures à 11.1
Apple	macOS	macOS El Capitan sans le correctif de sécurité 2017-004
Apple	N/A	iTunes versions antérieures à 12.7.1 sur Windows
Apple	N/A	iCloud pour Windows versions antérieures à 7.1
Apple	Safari	Safari versions antérieures à 11.0.1
Apple	macOS	macOS High Sierra versions antérieures à 10.13.1

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT208225 du 31 octobre 2017	None	vendor-advisory
Bulletin de sécurité Apple HT208222 du 31 octobre 2017	None	vendor-advisory
Bulletin de sécurité Apple HT208219 du 31 octobre 2017	None	vendor-advisory
Bulletin de sécurité Apple HT208223 du 31 octobre 2017	None	vendor-advisory
Bulletin de sécurité Apple HT208220 du 31 octobre 2017	None	vendor-advisory
Bulletin de sécurité Apple HT208221 du 31 octobre 2017	None	vendor-advisory
Bulletin de sécurité Apple HT208224 du 31 octobre 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 11.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sierra versions sans le correctif de s\u00e9curit\u00e9 2017-001",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 11.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2017-004",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iTunes versions ant\u00e9rieures \u00e0 12.7.1 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 11.0.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-13802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13802"
    },
    {
      "name": "CVE-2017-13818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13818"
    },
    {
      "name": "CVE-2017-13052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13052"
    },
    {
      "name": "CVE-2017-12993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12993"
    },
    {
      "name": "CVE-2017-13018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13018"
    },
    {
      "name": "CVE-2017-13043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13043"
    },
    {
      "name": "CVE-2017-3169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
    },
    {
      "name": "CVE-2017-9789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9789"
    },
    {
      "name": "CVE-2017-7659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
    },
    {
      "name": "CVE-2016-4736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4736"
    },
    {
      "name": "CVE-2017-13050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13050"
    },
    {
      "name": "CVE-2017-13816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13816"
    },
    {
      "name": "CVE-2017-13798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13798"
    },
    {
      "name": "CVE-2017-11108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11108"
    },
    {
      "name": "CVE-2017-13017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13017"
    },
    {
      "name": "CVE-2017-13831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13831"
    },
    {
      "name": "CVE-2017-11543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11543"
    },
    {
      "name": "CVE-2017-13790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13790"
    },
    {
      "name": "CVE-2017-13000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13000"
    },
    {
      "name": "CVE-2017-13807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13807"
    },
    {
      "name": "CVE-2017-13843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13843"
    },
    {
      "name": "CVE-2017-13055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13055"
    },
    {
      "name": "CVE-2017-7668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
    },
    {
      "name": "CVE-2017-13041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13041"
    },
    {
      "name": "CVE-2017-12902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12902"
    },
    {
      "name": "CVE-2017-13834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13834"
    },
    {
      "name": "CVE-2017-13007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13007"
    },
    {
      "name": "CVE-2017-13687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13687"
    },
    {
      "name": "CVE-2017-13078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
    },
    {
      "name": "CVE-2017-12986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12986"
    },
    {
      "name": "CVE-2017-13821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13821"
    },
    {
      "name": "CVE-2017-13033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13033"
    },
    {
      "name": "CVE-2017-13817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13817"
    },
    {
      "name": "CVE-2017-13799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13799"
    },
    {
      "name": "CVE-2017-12901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12901"
    },
    {
      "name": "CVE-2017-13832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13832"
    },
    {
      "name": "CVE-2017-13011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13011"
    },
    {
      "name": "CVE-2017-13046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13046"
    },
    {
      "name": "CVE-2017-13840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13840"
    },
    {
      "name": "CVE-2017-12897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12897"
    },
    {
      "name": "CVE-2017-13809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13809"
    },
    {
      "name": "CVE-2017-13822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13822"
    },
    {
      "name": "CVE-2017-7113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7113"
    },
    {
      "name": "CVE-2017-13800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13800"
    },
    {
      "name": "CVE-2017-13786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13786"
    },
    {
      "name": "CVE-2017-13003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13003"
    },
    {
      "name": "CVE-2017-13815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13815"
    },
    {
      "name": "CVE-2017-13013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13013"
    },
    {
      "name": "CVE-2017-13001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13001"
    },
    {
      "name": "CVE-2017-13009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13009"
    },
    {
      "name": "CVE-2017-1000101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
    },
    {
      "name": "CVE-2016-8740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
    },
    {
      "name": "CVE-2017-13048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13048"
    },
    {
      "name": "CVE-2017-13054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13054"
    },
    {
      "name": "CVE-2017-13038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13038"
    },
    {
      "name": "CVE-2017-13841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13841"
    },
    {
      "name": "CVE-2017-13010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13010"
    },
    {
      "name": "CVE-2017-12990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12990"
    },
    {
      "name": "CVE-2017-13783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13783"
    },
    {
      "name": "CVE-2017-13047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13047"
    },
    {
      "name": "CVE-2017-12991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12991"
    },
    {
      "name": "CVE-2017-13805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13805"
    },
    {
      "name": "CVE-2017-13811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13811"
    },
    {
      "name": "CVE-2017-13849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13849"
    },
    {
      "name": "CVE-2017-13032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13032"
    },
    {
      "name": "CVE-2017-13801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13801"
    },
    {
      "name": "CVE-2017-13051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13051"
    },
    {
      "name": "CVE-2017-13036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13036"
    },
    {
      "name": "CVE-2017-9788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
    },
    {
      "name": "CVE-2017-13844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13844"
    },
    {
      "name": "CVE-2016-2161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
    },
    {
      "name": "CVE-2017-13795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13795"
    },
    {
      "name": "CVE-2017-13690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13690"
    },
    {
      "name": "CVE-2017-13838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13838"
    },
    {
      "name": "CVE-2017-11542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11542"
    },
    {
      "name": "CVE-2017-13842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13842"
    },
    {
      "name": "CVE-2017-12997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12997"
    },
    {
      "name": "CVE-2017-13045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13045"
    },
    {
      "name": "CVE-2017-13026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13026"
    },
    {
      "name": "CVE-2017-13785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13785"
    },
    {
      "name": "CVE-2016-5387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
    },
    {
      "name": "CVE-2017-13796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13796"
    },
    {
      "name": "CVE-2017-13782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13782"
    },
    {
      "name": "CVE-2017-13784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13784"
    },
    {
      "name": "CVE-2017-13042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13042"
    },
    {
      "name": "CVE-2017-12992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12992"
    },
    {
      "name": "CVE-2017-13027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13027"
    },
    {
      "name": "CVE-2017-13034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13034"
    },
    {
      "name": "CVE-2017-13794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13794"
    },
    {
      "name": "CVE-2017-13015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13015"
    },
    {
      "name": "CVE-2017-13725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13725"
    },
    {
      "name": "CVE-2017-13819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13819"
    },
    {
      "name": "CVE-2017-13044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13044"
    },
    {
      "name": "CVE-2017-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12900"
    },
    {
      "name": "CVE-2017-12994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12994"
    },
    {
      "name": "CVE-2017-12998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12998"
    },
    {
      "name": "CVE-2017-13029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13029"
    },
    {
      "name": "CVE-2017-13037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13037"
    },
    {
      "name": "CVE-2017-13788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13788"
    },
    {
      "name": "CVE-2017-7132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7132"
    },
    {
      "name": "CVE-2017-13810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13810"
    },
    {
      "name": "CVE-2017-13039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13039"
    },
    {
      "name": "CVE-2017-13791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13791"
    },
    {
      "name": "CVE-2017-13023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13023"
    },
    {
      "name": "CVE-2017-13020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13020"
    },
    {
      "name": "CVE-2017-13021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13021"
    },
    {
      "name": "CVE-2017-3167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
    },
    {
      "name": "CVE-2017-12896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12896"
    },
    {
      "name": "CVE-2017-13824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13824"
    },
    {
      "name": "CVE-2017-13049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13049"
    },
    {
      "name": "CVE-2017-12999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12999"
    },
    {
      "name": "CVE-2017-13836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13836"
    },
    {
      "name": "CVE-2017-13823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13823"
    },
    {
      "name": "CVE-2017-13846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13846"
    },
    {
      "name": "CVE-2017-12988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12988"
    },
    {
      "name": "CVE-2017-13789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13789"
    },
    {
      "name": "CVE-2017-12985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12985"
    },
    {
      "name": "CVE-2017-12899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12899"
    },
    {
      "name": "CVE-2017-7679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
    },
    {
      "name": "CVE-2017-13014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13014"
    },
    {
      "name": "CVE-2017-12894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12894"
    },
    {
      "name": "CVE-2017-13804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13804"
    },
    {
      "name": "CVE-2017-13024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13024"
    },
    {
      "name": "CVE-2017-13004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13004"
    },
    {
      "name": "CVE-2017-12996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12996"
    },
    {
      "name": "CVE-2017-13830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13830"
    },
    {
      "name": "CVE-2017-12893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12893"
    },
    {
      "name": "CVE-2017-13019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13019"
    },
    {
      "name": "CVE-2017-13030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13030"
    },
    {
      "name": "CVE-2017-13808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13808"
    },
    {
      "name": "CVE-2017-13813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13813"
    },
    {
      "name": "CVE-2017-1000100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
    },
    {
      "name": "CVE-2017-13053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13053"
    },
    {
      "name": "CVE-2017-13040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13040"
    },
    {
      "name": "CVE-2017-13689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13689"
    },
    {
      "name": "CVE-2017-11103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
    },
    {
      "name": "CVE-2017-13005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13005"
    },
    {
      "name": "CVE-2017-13793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13793"
    },
    {
      "name": "CVE-2017-13814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13814"
    },
    {
      "name": "CVE-2017-12987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12987"
    },
    {
      "name": "CVE-2017-13826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13826"
    },
    {
      "name": "CVE-2017-11541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11541"
    },
    {
      "name": "CVE-2017-13025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13025"
    },
    {
      "name": "CVE-2017-13828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13828"
    },
    {
      "name": "CVE-2017-13688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13688"
    },
    {
      "name": "CVE-2017-13820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13820"
    },
    {
      "name": "CVE-2017-12995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12995"
    },
    {
      "name": "CVE-2017-13792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13792"
    },
    {
      "name": "CVE-2017-13031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13031"
    },
    {
      "name": "CVE-2017-13028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13028"
    },
    {
      "name": "CVE-2017-13825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13825"
    },
    {
      "name": "CVE-2016-8743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
    },
    {
      "name": "CVE-2017-13803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13803"
    },
    {
      "name": "CVE-2017-13006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13006"
    },
    {
      "name": "CVE-2017-12895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12895"
    },
    {
      "name": "CVE-2017-13812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13812"
    },
    {
      "name": "CVE-2017-13022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13022"
    },
    {
      "name": "CVE-2017-13012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13012"
    },
    {
      "name": "CVE-2017-13002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13002"
    },
    {
      "name": "CVE-2017-13035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13035"
    },
    {
      "name": "CVE-2017-12989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12989"
    },
    {
      "name": "CVE-2017-13077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
    },
    {
      "name": "CVE-2017-13016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13016"
    },
    {
      "name": "CVE-2017-13080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
    },
    {
      "name": "CVE-2017-12898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12898"
    },
    {
      "name": "CVE-2017-13008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13008"
    }
  ],
  "initial_release_date": "2017-11-02T00:00:00",
  "last_revision_date": "2017-11-02T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-385",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2017-11-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple\n. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208225 du 31 octobre 2017",
      "url": "https://support.apple.com/en-us/HT208225"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208222 du 31 octobre 2017",
      "url": "https://support.apple.com/en-us/HT208222"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208219 du 31 octobre 2017",
      "url": "https://support.apple.com/en-us/HT208219"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208223 du 31 octobre 2017",
      "url": "https://support.apple.com/en-us/HT208223"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208220 du 31 octobre 2017",
      "url": "https://support.apple.com/en-us/HT208220"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208221 du 31 octobre 2017",
      "url": "https://support.apple.com/en-us/HT208221"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208224 du 31 octobre 2017",
      "url": "https://support.apple.com/en-us/HT208224"
    }
  ]
}

CERTFR-2017-AVI-214

Vulnerability from certfr_avis - Published: 2017-07-13 - Updated: 2017-07-13

Une vulnérabilité a été corrigée dans Samba. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Samba toutes versions 4.0.0 et postérieures utilisant une version embarquée de Heimdal Kerberos

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Samba du 12 juillet 2017

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eSamba toutes versions 4.0.0 et post\u00e9rieures utilisant une  version embarqu\u00e9e de Heimdal Kerberos\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-11103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
    }
  ],
  "initial_release_date": "2017-07-13T00:00:00",
  "last_revision_date": "2017-07-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-214",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eSamba\u003c/span\u003e.\nElle permet \u00e0 un attaquant de provoquer un contournement de la politique\nde s\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Samba",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Samba du 12 juillet 2017",
      "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
    }
  ]
}

GSD-2017-11103

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-11103

Aliases

CVE-2017-11103

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-11103",
    "description": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus\u0027 Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in \u0027enc_part\u0027 instead of the unencrypted version stored in \u0027ticket\u0027. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.",
    "id": "GSD-2017-11103",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-11103.html",
      "https://www.debian.org/security/2017/dsa-3912",
      "https://www.debian.org/security/2017/dsa-3909",
      "https://ubuntu.com/security/CVE-2017-11103",
      "https://advisories.mageia.org/CVE-2017-11103.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-11103"
      ],
      "details": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus\u0027 Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in \u0027enc_part\u0027 instead of the unencrypted version stored in \u0027ticket\u0027. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.",
      "id": "GSD-2017-11103",
      "modified": "2023-12-13T01:21:15.686485Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2017-11103",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus\u0027 Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in \u0027enc_part\u0027 instead of the unencrypted version stored in \u0027ticket\u0027. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.apple.com/HT208221",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "DSA-3912",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2017/dsa-3912"
          },
          {
            "name": "https://support.apple.com/HT208144",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT208144"
          },
          {
            "name": "https://www.orpheus-lyre.info/",
            "refsource": "MISC",
            "url": "https://www.orpheus-lyre.info/"
          },
          {
            "name": "FreeBSD-SA-17:05",
            "refsource": "FREEBSD",
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc"
          },
          {
            "name": "99551",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/99551"
          },
          {
            "name": "1039427",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039427"
          },
          {
            "name": "https://www.samba.org/samba/security/CVE-2017-11103.html",
            "refsource": "CONFIRM",
            "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
          },
          {
            "name": "1038876",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038876"
          },
          {
            "name": "https://support.apple.com/HT208112",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT208112"
          },
          {
            "name": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0",
            "refsource": "CONFIRM",
            "url": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0"
          },
          {
            "name": "http://www.h5l.org/advisories.html?show=2017-07-11",
            "refsource": "CONFIRM",
            "url": "http://www.h5l.org/advisories.html?show=2017-07-11"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.4.15",
                "versionStartIncluding": "4.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.5.12",
                "versionStartIncluding": "4.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.6.6",
                "versionStartIncluding": "4.6.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.13.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11103"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus\u0027 Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in \u0027enc_part\u0027 instead of the unencrypted version stored in \u0027ticket\u0027. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-345"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.samba.org/samba/security/CVE-2017-11103.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
            },
            {
              "name": "https://www.orpheus-lyre.info/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.orpheus-lyre.info/"
            },
            {
              "name": "FreeBSD-SA-17:05",
              "refsource": "FREEBSD",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc"
            },
            {
              "name": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes"
              ],
              "url": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0"
            },
            {
              "name": "http://www.h5l.org/advisories.html?show=2017-07-11",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.h5l.org/advisories.html?show=2017-07-11"
            },
            {
              "name": "1038876",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1038876"
            },
            {
              "name": "99551",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/99551"
            },
            {
              "name": "1039427",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039427"
            },
            {
              "name": "https://support.apple.com/HT208144",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.apple.com/HT208144"
            },
            {
              "name": "https://support.apple.com/HT208112",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.apple.com/HT208112"
            },
            {
              "name": "DSA-3912",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2017/dsa-3912"
            },
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.apple.com/HT208221"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-08-18T15:05Z",
      "publishedDate": "2017-07-13T13:29Z"
    }
  }
}

GHSA-7CM4-Q9WM-9W5G

Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2025-04-20 03:40

Details

Severity ?

8.1 (High)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-11103"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-345"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-13T13:29:00Z",
    "severity": "HIGH"
  },
  "details": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus\u0027 Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in \u0027enc_part\u0027 instead of the unencrypted version stored in \u0027ticket\u0027. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.",
  "id": "GHSA-7cm4-q9wm-9w5g",
  "modified": "2025-04-20T03:40:40Z",
  "published": "2022-05-13T01:23:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11103"
    },
    {
      "type": "WEB",
      "url": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208112"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208144"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208221"
    },
    {
      "type": "WEB",
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc"
    },
    {
      "type": "WEB",
      "url": "https://www.orpheus-lyre.info"
    },
    {
      "type": "WEB",
      "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3912"
    },
    {
      "type": "WEB",
      "url": "http://www.h5l.org/advisories.html?show=2017-07-11"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99551"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038876"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039427"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2017-11103

Vulnerability from fkie_nvd - Published: 2017-07-13 13:29 - Updated: 2025-04-20 01:37

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://www.debian.org/security/2017/dsa-3912	Third Party Advisory
cve@mitre.org	http://www.h5l.org/advisories.html?show=2017-07-11	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/99551	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1038876	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1039427	Third Party Advisory, VDB Entry
cve@mitre.org	https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0	Release Notes
cve@mitre.org	https://support.apple.com/HT208112	Third Party Advisory
cve@mitre.org	https://support.apple.com/HT208144	Third Party Advisory
cve@mitre.org	https://support.apple.com/HT208221	Third Party Advisory
cve@mitre.org	https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc	Third Party Advisory
cve@mitre.org	https://www.orpheus-lyre.info/	Third Party Advisory
cve@mitre.org	https://www.samba.org/samba/security/CVE-2017-11103.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2017/dsa-3912	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.h5l.org/advisories.html?show=2017-07-11	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99551	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038876	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039427	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0	Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT208112	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT208144	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT208221	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.orpheus-lyre.info/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.samba.org/samba/security/CVE-2017-11103.html	Third Party Advisory

Impacted products

Vendor	Product	Version
heimdal_project	heimdal	*
freebsd	freebsd	-
samba	samba	*
samba	samba	*
samba	samba	*
apple	iphone_os	*
apple	mac_os_x	*
debian	debian_linux	8.0
debian	debian_linux	9.0
debian	debian_linux	10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBB557FB-2D64-4B67-ABB4-232B8532E9F7",
              "versionEndExcluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B2AEFCC-A2F6-45A6-A2EF-24F7906E44E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4D6C6EB-04EC-4514-947F-37DA23C07BD1",
              "versionEndExcluding": "4.4.15",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C93F9D32-8BFD-484B-8D16-6A440132A4E3",
              "versionEndExcluding": "4.5.12",
              "versionStartIncluding": "4.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92EBC874-FF91-47E4-B57D-A54DF0859239",
              "versionEndExcluding": "4.6.6",
              "versionStartIncluding": "4.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17CE3EBB-FF76-4158-81FE-63AECECA988E",
              "versionEndExcluding": "11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C43CA59D-847F-4225-A7A6-02DEB1BB4F64",
              "versionEndExcluding": "10.13.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus\u0027 Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in \u0027enc_part\u0027 instead of the unencrypted version stored in \u0027ticket\u0027. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated."
    },
    {
      "lang": "es",
      "value": "Heimdal en versiones anteriores a la 7.4 permite que atacantes remotos suplanten servicios con ataques Orpheus\u0027 Lyre ya que obtiene nombres de servicios principales, de manera que viola la especificaci\u00f3n del protocolo Kerberos 5. En _krb5_extract_ticket() el nombre del servicio KDC-REP se debe obtener de la versi\u00f3n cifrada almacenada en \u0027enc_part\u0027 en lugar de la versi\u00f3n sin cifrar almacenada en \u0027ticket\u0027. El uso de versiones sin cifrar supone una oportunidad para que se lleve a cabo una suplantaci\u00f3n del servidor exitosa adem\u00e1s de otros ataques. NOTA: este CVE solo es aplicable a Heimdal y otros productos que embeben c\u00f3digo Heimdal."
    }
  ],
  "id": "CVE-2017-11103",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-13T13:29:00.173",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2017/dsa-3912"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.h5l.org/advisories.html?show=2017-07-11"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99551"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038876"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039427"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/HT208112"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/HT208144"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/HT208221"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.orpheus-lyre.info/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2017/dsa-3912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.h5l.org/advisories.html?show=2017-07-11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99551"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039427"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/HT208112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/HT208144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/HT208221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.orpheus-lyre.info/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.samba.org/samba/security/CVE-2017-11103.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-345"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-11103 (GCVE-0-2017-11103)

Solution

Solution

Solution

Tags

Sightings

Nomenclature