path: root/meta-networking/recipes-connectivity/samba/samba_4.4.5.bb
author: Alexandru Moise <alexandru.moise@windriver.com> 2016-08-26 12:22:57 +0300
committer: Andreas Oberritter <obi@opendreambox.org> 2017-06-26 22:59:19 +0200
commit: 7c1f48246bacc40b1c5f0a11488f391f24043e77 (patch)
tree: 167e24e93e9c9bb363e57de8f6aecf211f28058d /meta-networking/recipes-connectivity/samba/samba_4.4.5.bb
parent: 638486bbab459c87dd7fa66ffaf9f29f7ff7e3ae (diff)
download: meta-openembedded-contrib-7c1f48246bacc40b1c5f0a11488f391f24043e77.tar.gz
krb5: Fix S4U2Self KDC crash when anon is restricted
This is CVE-2016-3120
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request.
Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
(cherry picked from commit 19dc7117fd0e95d1477eb5797fbe2a3cca8f7760)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Diffstat (limited to 'meta-networking/recipes-connectivity/samba/samba_4.4.5.bb')
0 files changed, 0 insertions, 0 deletions