Bug 143443

Summary: CAN-2004-1189 heap buffer overflow in password history mechanism [MITKRB5-SA-2004-004]
Product: [Fedora] Fedora Reporter: Marcin Garski <mgarski>
Component: krb5Assignee: Nalin Dahyabhai <nalin>
Status: CLOSED DUPLICATE QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-004-pwhist.txt
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-02-21 14:07:45 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Marcin Garski 2004-12-20 18:06:07 EST
Probably also affect RHEL!

From Security Advisory:
The MIT Kerberos 5 administration library (libkadm5srv) contains a
heap buffer overflow in password history handling code which could be
exploited to execute arbitrary code on a Key Distribution Center (KDC)
host.  The overflow occurs during a password change of a principal
with a certain password history state.  An administrator must have
performed a certain password policy change in order to create the
vulnerable state.

An authenticated user, not necessarily one with administrative
privileges, could execute arbitrary code on the KDC host, compromising
an entire Kerberos realm.
Comment 1 Josh Bressers 2004-12-21 08:12:56 EST

*** This bug has been marked as a duplicate of 142904 ***
Comment 2 Red Hat Bugzilla 2006-02-21 14:07:45 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.