Bug 83616 - Multiple kerberos vulnerabilities
Summary: Multiple kerberos vulnerabilities
Alias: None
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: krb5   
(Show other bugs)
Version: 2.1
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2003-02-06 11:36 UTC by Mark J. Cox
Modified: 2007-11-30 22:06 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-09-15 21:18:20 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2003:052 normal SHIPPED_LIVE Critical: krb5 security update 2003-03-27 05:00:00 UTC

Description Mark J. Cox 2003-02-06 11:36:28 UTC
An integer signedness error in the ASN.1 decoder before version 1.2.5
allows remote attackers to cause a denial of service via a large unsigned
data element length, which is later used as a negative value.  The Common
Vulnerabilities and Exposures project has assigned the name CAN-2002-0036
to this issue.  

The Key Distribution Center (KDC) before version 1.2.5 allows remote,
authenticated, attackers to cause a denial of service (crash) on KDCs
within the same realm via a certain protocol request that causes a null
dereference.  The Common Vulnerabilities and Exposures project has assigned
the name CAN-2003-0058 to this issue.

A vulnerability in the Kerberos before version 1.2.3 allows users from one
realm to impersonate users in other realms that have the same inter-realm
keys.  The Common Vulnerabilities and Exposures project has assigned the
name CAN-2003-0059 to this issue.

The MIT advisory for these issues also mentions format string
vulnerabilities in the logging routines (CAN-2003-0060).  Previous versions
of the kerberos packages from Red Hat already contain fixes for this issue.

Comment 1 Nalin Dahyabhai 2005-09-15 21:18:20 UTC
These were addressed in RHSA-2003-052, closing.

Note You need to log in before you can comment on or make changes to this bug.