Computer Security
[EN] no-pyccku

MIT Kerberos 5 integer overflows
SecurityVulns ID:10517
Threat Level:
Description:Integer overflows on RC4 and AES decription.
Affected:MIT : krb5 1.6
 MIT : krb5 1.7
CVE:CVE-2009-4212 (Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.)
Original documentdocumentMIT, MITKRB5-SA-2009-004 [CVE-2009-4212] integer underflow in AES and RC4 decryption (17.01.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod