summaryrefslogtreecommitdiffstats
path: root/src/util/mkrel
diff options
context:
space:
mode:
authorTom Yu <tlyu@mit.edu>2010-02-16 22:10:17 +0000
committerTom Yu <tlyu@mit.edu>2010-02-16 22:10:17 +0000
commitaef4a62723bc1e4cdcdb15c130729d3e130426fd (patch)
treef76f4f833d390ef9e955261231dd6151f23c60f7 /src/util/mkrel
parent373a23547c7c256b6eaf71713706dd847c826f2b (diff)
downloadkrb5-aef4a62723bc1e4cdcdb15c130729d3e130426fd.tar.gz
krb5-aef4a62723bc1e4cdcdb15c130729d3e130426fd.tar.xz
krb5-aef4a62723bc1e4cdcdb15c130729d3e130426fd.zip
MITKRB5-SA-2010-001 CVE-2010-0283 KDC denial of service
Code introduced in krb5-1.7 can cause an assertion failure if a KDC-REQ is internally inconsistent, specifically if the ASN.1 tag doesn't match the msg_type field. Thanks to Emmanuel Bouillon (NATO C3 Agency) for discovering and reporting this vulnerability. ticket: 6662 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23724 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/util/mkrel')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2026-01-08 10:49:53 +0000