Computer Security
[EN] securityvulns.ru no-pyccku


MIT Kerberos 5 multiple security vulnerabilities
Published:08.04.2009
Source:
SecurityVulns ID:9803
Type:remote
Threat Level:
7/10
Description:Multiple DoS conditions, free() of uninitialized pointer.
Affected:MIT : krb5 1.5
 MIT : krb5 1.6
CVE:CVE-2009-0847 (The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.)
 CVE-2009-0846 (The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.)
 CVE-2009-0845 (The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.)
 CVE-2009-0844 (The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.)
Original documentdocumentMIT, MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846] (08.04.2009)
 documentMIT, MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847] (08.04.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod