Showing 1 - 3 of 3

CVE-2009-3295

Status Candidate

Overview

The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a ticket request.

Related Files

Gentoo Linux Security Advisory 201201-13: Posted Jan 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201201-13 - Multiple vulnerabilities have been found in MIT Kerberos 5, the most severe of which may allow remote execution of arbitrary code. Versions less than 1.9.2-r1 are affected.; tags | advisory, remote, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2009-3295, CVE-2009-4212, CVE-2010-0283, CVE-2010-0629, CVE-2010-1320, CVE-2010-1321, CVE-2010-1322, CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, CVE-2010-4021, CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, CVE-2011-0283, CVE-2011-0284, CVE-2011-0285, CVE-2011-1527, CVE-2011-1528, CVE-2011-1529, CVE-2011-1530, CVE-2011-4151; SHA-256 | 5fe5b981b497ad572aa4e53428ce29f2dcd53be74dc124715f4b3cff09100dd9; Download | Favorite | View

Ubuntu Security Notice 879-1: Posted Jan 7, 2010; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 879-1 - Jeff Blaine, Radoslav Bodo, Jakob Haufe, and Jorgen Wahlsten discovered that the Kerberos Key Distribution Center service did not correctly verify certain network traffic. An unauthenticated remote attacker could send a specially crafted request that would cause the KDC to crash, leading to a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2009-3295; SHA-256 | 586b74afd20f62a24f56528081cbd8e04a2dd6f04647fc96239abde103940c33; Download | Favorite | View

MIT krb5 Security Advisory 2009-003: Posted Dec 30, 2009; Site web.mit.edu; MIT krb5 Security Advisory 2009-003 - A null pointer dereference can occur in an error condition in the KDC cross-realm referral processing code in MIT krb5-1.7. This can cause the KDC to crash. This is an implementation vulnerability in MIT krb5, and is not a vulnerability in the Kerberos protocol.; tags | advisory, protocol; advisories | CVE-2009-3295; SHA-256 | 492697d164ff8839715b475976bfa5ce3d9f4e7467ed101685ba6316dbd549a1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 61 files
Debian 20 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,160)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,842)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,249)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,975)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2009-3295

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems