krb5.git - MIT Kerberos patches

diff options

author	Xi Wang <xi.wang@gmail.com>	2013-02-14 18:17:40 -0500
committer	Ben Kaduk <kaduk@mit.edu>	2013-02-15 14:28:41 -0500
commit	c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed (patch)
tree	93132fc1318cbc47d5567efd03cc84e78e3c7445 /src/plugins/authdata
parent	316bf74b4696058e2b60c95c9d0fc90d6c2c2ffe (diff)
download	krb5-c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed.tar.gz krb5-c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed.tar.xz krb5-c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed.zip

PKINIT null pointer deref [CVE-2013-1415]

Don't dereference a null pointer when cleaning up. The KDC plugin for PKINIT can dereference a null pointer when a malformed packet causes processing to terminate early, leading to a crash of the KDC process. An attacker would need to have a valid PKINIT certificate or have observed a successful PKINIT authentication, or an unauthenticated attacker could execute the attack if anonymous PKINIT is enabled. CVSSv2 vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C This is a minimal commit for pullup; style fixes in a followup. [kaduk@mit.edu: reformat and edit commit message] ticket: 7570 (new) target_version: 1.11.1 tags: pullup

Diffstat (limited to 'src/plugins/authdata')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: