Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в MIT Kerberos 5
Опубликовано:8 апреля 2009 г.
Источник:
SecurityVulns ID:9803
Тип:удаленная
Уровень опасности:
7/10
Описание:Многочисленные DoS условия, free() неинициализированного указателя.
Затронутые продукты:MIT : krb5 1.5
 MIT : krb5 1.6
CVE:CVE-2009-0847 (The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.)
 CVE-2009-0846 (The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.)
 CVE-2009-0845 (The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.)
 CVE-2009-0844 (The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.)
Оригинальный текстdocumentMIT, MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846] (08.04.2009)
 documentMIT, MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847] (08.04.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород