MIT Kerberos KDC Cross-Realm Referral NULL Pointer Dereference Denial Of Service Vulnerability

Bugtraq ID: 37486
Class: Design Error
CVE: CVE-2009-3295
Remote: Yes
Local: No
Published: Dec 28 2009 12:00AM
Updated: Jan 24 2012 01:00AM
Credit: Jeff Blaine, Radoslav Bodo, Jakob Haufe, and Jorgen Wahlsten
Vulnerable: Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 amd64
SuSE SUSE Linux Enterprise Server 11
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP3
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise SDK 10 SP3
SuSE SUSE Linux Enterprise SDK 10 SP2
SuSE SUSE Linux Enterprise Desktop 11
SuSE SUSE Linux Enterprise Desktop 10 SP3
SuSE SUSE Linux Enterprise Desktop 10 SP2
S.u.S.E. openSUSE 11.2
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
Red Hat Fedora 12
MIT Kerberos 5 1.7
Gentoo Linux
Not Vulnerable: MIT Kerberos 5 1.7.1


 

Privacy Statement
Copyright 2010, SecurityFocus