Kerberos4 KDC AUTH_MSG_KDC_REQUEST NULL termination Vulnerability

Kerberos4 KDC and Kerberos5 KDC enabled to serve Kerberos4 tickets are vulnerable to a denial of service. The code that services AUTH_MSG_KDC_REQUESTs does not properly check for null-termination.


 

Privacy Statement
Copyright 2010, SecurityFocus