Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 83616 - Multiple kerberos vulnerabilities
Summary: Multiple kerberos vulnerabilities
Alias: None
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: krb5
Version: 2.1
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2003-02-06 11:36 UTC by Mark J. Cox
Modified: 2007-11-30 22:06 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2005-09-15 21:18:20 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2003:052 normal SHIPPED_LIVE Critical: krb5 security update 2003-03-27 05:00:00 UTC

Description Mark J. Cox 2003-02-06 11:36:28 UTC
An integer signedness error in the ASN.1 decoder before version 1.2.5
allows remote attackers to cause a denial of service via a large unsigned
data element length, which is later used as a negative value.  The Common
Vulnerabilities and Exposures project has assigned the name CAN-2002-0036
to this issue.  

The Key Distribution Center (KDC) before version 1.2.5 allows remote,
authenticated, attackers to cause a denial of service (crash) on KDCs
within the same realm via a certain protocol request that causes a null
dereference.  The Common Vulnerabilities and Exposures project has assigned
the name CAN-2003-0058 to this issue.

A vulnerability in the Kerberos before version 1.2.3 allows users from one
realm to impersonate users in other realms that have the same inter-realm
keys.  The Common Vulnerabilities and Exposures project has assigned the
name CAN-2003-0059 to this issue.

The MIT advisory for these issues also mentions format string
vulnerabilities in the logging routines (CAN-2003-0060).  Previous versions
of the kerberos packages from Red Hat already contain fixes for this issue.

Comment 1 Nalin Dahyabhai 2005-09-15 21:18:20 UTC
These were addressed in RHSA-2003-052, closing.

Note You need to log in before you can comment on or make changes to this bug.