Computer Security
[EN] securityvulns.ru no-pyccku


MIT Kerberos 5 DoS
Published:01.04.2009
Source:
SecurityVulns ID:9792
Type:remote
Threat Level:
5/10
Description:NULL pointer dereference on malformed packet.
Affected:MIT : krb5 1.6
CVE:CVE-2009-0845 (The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:082 ] krb5 (01.04.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod