CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score Confidence: High
EPSS Percentile: 97.9%
CentOS Errata and Security Advisory CESA-2009:0409
Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third party, the Key Distribution Center (KDC).
An input validation flaw was found in the ASN.1 (Abstract Syntax Notation
One) decoder used by MIT Kerberos. A remote attacker could use this flaw to
crash a network service using the MIT Kerberos library, such as kadmind or
krb5kdc, by causing it to dereference or free an uninitialized pointer.
(CVE-2009-0846)
All krb5 users should upgrade to these updated packages, which contain a
backported patch to correct this issue. All running services using the MIT
Kerberos libraries must be restarted for the update to take effect.
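To check a host against this advisory, the following added example (not part of the original advisory or of CentOS tooling) compares installed krb5 package builds with the fixed build 1.3.4-60.c4.2 that the package table lists for CentOS 4. The rpm ordering is a simplified reimplementation that assumes no epoch, tilde or caret in the versions, and the inventory is a constructed sample.

```python
import re

# Values taken from the advisory: the four affected packages and the fixed
# version-release listed for CentOS 4.
AFFECTED = {"krb5-devel", "krb5-libs", "krb5-server", "krb5-workstation"}
FIXED_EVR = "1.3.4-60.c4.2"

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Order two version or release strings the way rpm does (simplified:
    no epoch, tilde or caret handling). Returns -1, 0 or 1."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)             # numeric compare ignores leading zeros
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # extra segments mean newer

def evr_cmp(a, b):
    """Compare 'version-release' strings: version first, then release."""
    (va, ra), (vb, rb) = a.rsplit("-", 1), b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def needs_update(inventory):
    """Return (package, installed) pairs older than the fixed build."""
    stale = []
    for line in inventory.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0] in AFFECTED and evr_cmp(parts[1], FIXED_EVR) < 0:
            stale.append((parts[0], parts[1]))
    return stale

# Constructed sample, in the shape printed by:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'
SAMPLE = """\
krb5-libs 1.3.4-60
krb5-server 1.3.4-60.c4.2
krb5-workstation 1.3.4-54
krb5-devel 1.3.4-62.el4
openssl 0.9.7a-43.17
"""

if __name__ == "__main__":
    for name, evr in needs_update(SAMPLE):
        print(f"{name} {evr} is older than {FIXED_EVR}: update, then restart Kerberos services")
```

A host that reports no stale packages still needs its Kerberos services restarted if they were started before the update, since running processes keep the old library mapped.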
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2009-April/077889.html
https://lists.centos.org/pipermail/centos-announce/2009-April/077894.html
https://lists.centos.org/pipermail/centos-announce/2009-April/077978.html
https://lists.centos.org/pipermail/centos-announce/2009-April/077979.html
Affected packages:
krb5-devel
krb5-libs
krb5-server
krb5-workstation
Upstream details at:
https://access.redhat.com/errata/RHSA-2009:0409
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | ia64 | krb5-devel | < 1.3.4-60.c4.2 | krb5-devel-1.3.4-60.c4.2.ia64.rpm |
CentOS | 4 | ia64 | krb5-libs | < 1.3.4-60.c4.2 | krb5-libs-1.3.4-60.c4.2.ia64.rpm |
CentOS | 4 | ia64 | krb5-server | < 1.3.4-60.c4.2 | krb5-server-1.3.4-60.c4.2.ia64.rpm |
CentOS | 4 | ia64 | krb5-workstation | < 1.3.4-60.c4.2 | krb5-workstation-1.3.4-60.c4.2.ia64.rpm |
CentOS | 4 | s390 | krb5-devel | < 1.3.4-60.c4.2 | krb5-devel-1.3.4-60.c4.2.s390.rpm |
CentOS | 4 | s390 | krb5-libs | < 1.3.4-60.c4.2 | krb5-libs-1.3.4-60.c4.2.s390.rpm |