| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability bulletin CVE-2009-0845
MIT krb5: denial of service via SPNEGO
Synthesis of the vulnerability
| An attacker can use a SPNEGO authentication in order to stop MIT Kerberos. |
Severity: 2/4.
Creation date: 26/03/2009.
|
Description of the vulnerability
The SPNEGO (Simple and Protected GSSAPI NEGOtiation Mechanism, RFC 4178) mechanism is used to negotiate an authentication protocol. The MIT Kerberos server implements SPNEGO.
Two token types are defined: negTokenInit and negTokenResp. The NegTokenInit token contains a bit field named ContextFlags.
When the Kerberos client sends a NegTokenInit with an invalid ContextFlags flag, a NULL pointer is dereferenced in the spnego_gss_accept_sec_context() function of the lib/gssapi/spnego/spnego_mech.c file. This error stops the MIT Kerberos server.
An attacker can therefore use a malicious SPNEGO authentication in order to stop MIT Kerberos. |
Complete Vigil@nce bulletin
Characteristics
Title: MIT krb5: denial of service via SPNEGO.
Keywords: 4178 ContextFlags GSSAPI Kerberos MIT Mechanism NEGOtiation NULL NegTokenInit Protected RFC SPNEGO Simple denial krb5 negTokenInit negTokenResp service spnego_gss_accept_sec_context spnego_mech.
Identifiers: 256728, 6822062, 6822066, BID-34257, CVE-2009-0845, DSA 1766-1, FEDORA-2009-2834, FEDORA-2009-2852, MDVSA-2009:082, MITKRB5-SA-2009-001, MITKRB5-SA-2009-002, SUSE-SA:2009:019, VIGILANCE-VUL-8568.
Pointed by: VIGILANCE-VUL-8608.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerabilities tracking service
|
