262736 – (CVE-2009-0845) <app-crypt/mit-krb5-1.6.3-r5: SPNEGO can dereference a null pointer (CVE-2009-0845)

Bug 262736 (CVE-2009-0845) - <app-crypt/mit-krb5-1.6.3-r5: SPNEGO can dereference a null pointer (CVE-2009-0845)

Summary: <app-crypt/mit-krb5-1.6.3-r5: SPNEGO can dereference a null pointer (CVE-2009...

Status:	RESOLVED FIXED

Alias:	CVE-2009-0845

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://krbdev.mit.edu/rt/Ticket/Displ...
Whiteboard:	A3 [glsa]
Keywords:

Depends on:
Blocks:

Reported:	2009-03-16 22:20 UTC by Robert Buchholz (RETIRED)
Modified:	2009-04-08 22:47 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert Buchholz (RETIRED) gentoo-dev

2009-03-16 22:20:33 UTC

A null pointer dereference in libgssapi_krb5 can lead to a Denial of Service in kerberized daemons. See referenced bug report for details and patch (committed to SVN trunk and 1.7 branch).

Comment 1 Robert Buchholz (RETIRED) gentoo-dev

2009-03-18 17:24:38 UTC

ping, please apply this patch.
http://anonsvn.mit.edu/cgi-bin/viewcvs.cgi?rev=22084&view=rev

Comment 2 Michael Hammer (RETIRED) gentoo-dev

2009-03-20 09:31:37 UTC

Committed mit-krb5-1.6.3-r5 with new patch set release including this patch. Made arch unstable as local installed files are definitely modified.

g, mueli

Comment 3 Alex Legler (RETIRED) archtester

2009-03-20 10:46:34 UTC

Arches, please test and mark stable:
=app-crypt/mit-krb5-1.6.3-r5
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

Comment 4 Brent Baude (RETIRED) gentoo-dev

2009-03-20 15:31:30 UTC

ppc64 done

Comment 5 Brent Baude (RETIRED) gentoo-dev

2009-03-20 15:31:40 UTC

ppc done

Comment 6 Markus Meier gentoo-dev

2009-03-20 23:36:57 UTC

amd64/x86 stable

Comment 7 Tobias Klausmann (RETIRED) gentoo-dev

2009-03-22 18:40:35 UTC

Stable on alpha.

Comment 8 Raúl Porcel (RETIRED) gentoo-dev

2009-03-23 14:32:12 UTC

arm/ia64/m68k/s390/sh/sparc stable

Comment 9 Jeroen Roovers (RETIRED) gentoo-dev

2009-03-27 21:41:52 UTC

Stable for HPPA.

Comment 10 Alex Legler (RETIRED) archtester

2009-03-28 10:25:50 UTC

CVE-2009-0845 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0845):
  The spnego_gss_accept_sec_context function in
  lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.6.3,
  when SPNEGO is used, allows remote attackers to cause a denial of
  service (NULL pointer dereference and application crash) via invalid
  ContextFlags data in the reqFlags field in a negTokenInit token.

Comment 11 Pierre-Yves Rofes (RETIRED) gentoo-dev

2009-04-08 18:18:57 UTC

glsa with #263398

Comment 12 Robert Buchholz (RETIRED) gentoo-dev

2009-04-08 22:47:26 UTC

GLSA 200904-09