Bug 265392 - app-crypt/mit-krb5 < 1.6.4 - ASN.1 decoder frees uninitialized pointer {CVE-2009-0846}
Status: RESOLVED DUPLICATE of bug 263398
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://web.mit.edu/kerberos/advisorie...
Reported: 2009-04-07 23:57 UTC by Heath Caldwell (RETIRED)
Modified: 2009-04-08 00:49 UTC

Description Heath Caldwell (RETIRED) gentoo-dev 2009-04-07 23:57:18 UTC
From advisory:
...
An ASN.1 decoder can free an uninitialized pointer when decoding an
invalid encoding.  This can cause a Kerberos application to crash, or,
under theoretically possible but unlikely circumstances, execute
arbitrary malicious code.  No exploit is known to exist that would
cause arbitrary code execution.

This is an implementation vulnerability in MIT krb5, and is not a
vulnerability in the Kerberos protocol.
...

Reproducible: Always

Steps to Reproduce:
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2009-04-08 00:49:24 UTC
Let's handle this on bug 263398.

*** This bug has been marked as a duplicate of bug 263398 ***
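
The bug class named in the advisory excerpt above, shown as an added illustration that is not MIT krb5 code and not part of the original report: a decoder whose error path frees its output pointers must initialize them before the first field is parsed. The record layout, function names and sample bytes are hypothetical and constructed for this example.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical record: two DER OCTET STRING fields, back to back. */
struct record { unsigned char *name; unsigned char *realm; };

/* Decode one OCTET STRING (tag 0x04, short-form length only).
 * On failure *out is left untouched, so the caller must pre-initialize it. */
static int decode_octets(const unsigned char **p, size_t *left, unsigned char **out)
{
    if (*left < 2 || (*p)[0] != 0x04) return -1;   /* wrong tag or no header */
    size_t len = (*p)[1];
    if (len > 0x7f || len > *left - 2) return -1;  /* long form or truncated */
    unsigned char *buf = malloc(len + 1);
    if (buf == NULL) return -1;
    memcpy(buf, *p + 2, len);
    buf[len] = '\0';
    *out = buf;
    *p += 2 + len;
    *left -= 2 + len;
    return 0;
}

/* Hardened form. The flawed pattern declares name/realm without "= NULL";
 * an invalid first field then sends indeterminate pointers to free(). */
int decode_record(const unsigned char *in, size_t n, struct record *rec)
{
    unsigned char *name = NULL, *realm = NULL;     /* the fix */
    if (decode_octets(&in, &n, &name) != 0) goto fail;
    if (decode_octets(&in, &n, &realm) != 0) goto fail;
    if (n != 0) goto fail;                         /* trailing bytes */
    rec->name = name;
    rec->realm = realm;
    return 0;
fail:
    free(name);                                    /* free(NULL) is a no-op */
    free(realm);
    return -1;
}

/* Constructed inputs: valid, wrong tag on field 2, truncated field 1. */
const unsigned char GOOD[]  = {0x04, 0x02, 'a', 'b', 0x04, 0x01, 'R'};
const unsigned char BAD[]   = {0x04, 0x02, 'a', 'b', 0x05, 0x00};
const unsigned char SHORT[] = {0x04, 0x05, 'a'};

int main(void)
{
    struct record r = {0};
    return decode_record(BAD, sizeof BAD, &r) == -1 ? 0 : 1;
}
```

Building the decoder with `-fsanitize=address,undefined` and feeding it malformed encodings is a practical way to confirm that every error path only frees pointers it has set.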