Bug 143443 - CAN-2004-1189 heap buffer overflow in password history mechanism [MITKRB5-SA-2004-004]
Status: CLOSED DUPLICATE of bug 142904
Product: Fedora
Classification: Fedora
Component: krb5
rawhide
All Linux
Priority: medium, Severity: medium
Assigned To: Nalin Dahyabhai
Brian Brock
http://web.mit.edu/kerberos/www/advis...
: Security
Reported: 2004-12-20 18:06 EST by Marcin Garski
Modified: 2007-11-30 17:10 EST
Doc Type: Bug Fix
Last Closed: 2006-02-21 14:07:45 EST
Description Marcin Garski 2004-12-20 18:06:07 EST
Probably also affects RHEL!

From Security Advisory:
The MIT Kerberos 5 administration library (libkadm5srv) contains a
heap buffer overflow in password history handling code which could be
exploited to execute arbitrary code on a Key Distribution Center (KDC)
host.  The overflow occurs during a password change of a principal
with a certain password history state.  An administrator must have
performed a certain password policy change in order to create the
vulnerable state.

An authenticated user, not necessarily one with administrative
privileges, could execute arbitrary code on the KDC host, compromising
an entire Kerberos realm.
Comment 1 Josh Bressers 2004-12-21 08:12:56 EST

*** This bug has been marked as a duplicate of 142904 ***
Comment 2 Red Hat Bugzilla 2006-02-21 14:07:45 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.
