krb5: denial of service
| Package(s): | krb5 | CVE #(s): | CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 CVE-2009-0847 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Created: | March 30, 2009 | Updated: | January 14, 2010 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description: | From the Mandriva advisory: The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token (CVE-2009-0845). From the Red Hat advisory: An input validation flaw was found in the ASN.1 (Abstract Syntax Notation One) decoder used by MIT Kerberos. A remote attacker could use this flaw to crash a network service using the MIT Kerberos library, such as kadmind or krb5kdc, by causing it to dereference or free an uninitialized pointer. (CVE-2009-0846) Multiple input validation flaws were found in the MIT Kerberos GSS-API library's implementation of the SPNEGO mechanism. A remote attacker could use these flaws to crash any network service utilizing the MIT Kerberos GSS-API library to authenticate users or, possibly, leak portions of the service's memory. (CVE-2009-0844, CVE-2009-0845) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||