Bug#: 262736
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Robert Buchholz <rbu@gentoo.org>

Description:   Opened: 2009-03-16 22:20 0000
A null pointer dereference in libgssapi_krb5 can lead to a Denial of Service in
kerberized daemons. See referenced bug report for details and patch (committed
to SVN trunk and 1.7 branch).

------- Comment #1 From Robert Buchholz 2009-03-18 17:24:38 0000 -------
ping, please apply this patch.
http://anonsvn.mit.edu/cgi-bin/viewcvs.cgi?rev=22084&view=rev

------- Comment #2 From Michael Hammer 2009-03-20 09:31:37 0000 -------
Committed mit-krb5-1.6.3-r5 with new patch set release including this patch.
Made arch unstable as local installed files are definitely modified.

g, mueli

------- Comment #3 From Alex Legler 2009-03-20 10:46:34 0000 -------
Arches, please test and mark stable:
=app-crypt/mit-krb5-1.6.3-r5
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

------- Comment #4 From Brent Baude 2009-03-20 15:31:30 0000 -------
ppc64 done

------- Comment #5 From Brent Baude 2009-03-20 15:31:40 0000 -------
ppc done

------- Comment #6 From Markus Meier 2009-03-20 23:36:57 0000 -------
amd64/x86 stable

------- Comment #7 From Tobias Klausmann 2009-03-22 18:40:35 0000 -------
Stable on alpha.

------- Comment #8 From Raúl Porcel 2009-03-23 14:32:12 0000 -------
arm/ia64/m68k/s390/sh/sparc stable

------- Comment #9 From Jeroen Roovers 2009-03-27 21:41:52 0000 -------
Stable for HPPA.

------- Comment #10 From Alex Legler 2009-03-28 10:25:50 0000 -------
CVE-2009-0845 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0845):
  The spnego_gss_accept_sec_context function in
  lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.6.3,
  when SPNEGO is used, allows remote attackers to cause a denial of
  service (NULL pointer dereference and application crash) via invalid
  ContextFlags data in the reqFlags field in a negTokenInit token.

------- Comment #11 From Pierre-Yves Rofes 2009-04-08 18:18:57 0000 -------
glsa with #263398

------- Comment #12 From Robert Buchholz 2009-04-08 22:47:26 0000 -------
GLSA 200904-09
