CVE-2009-0844 SPNEGO can read beyond buffer end
author Tom Yu <tlyu@mit.edu>
Tue, 7 Apr 2009 21:22:17 +0000 (21:22 +0000)
committer Tom Yu <tlyu@mit.edu>
Tue, 7 Apr 2009 21:22:17 +0000 (21:22 +0000)
commit 19b0ab4fae79371e1ccdba38f262b3aa05c20a80
tree e336563ab953e990f42d152ce5df53dd6b43708d
parent 8241f4980a11b5494377de4f30992d5a5debca95
CVE-2009-0844 SPNEGO can read beyond buffer end

SPNEGO can read beyond the end of a buffer if the claimed DER length
exceeds the number of bytes in the input buffer. This can lead to
crash or information disclosure.

Thanks to Apple for reporting this vulnerability and providing
patches.

ticket: 6443
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22174 dc483132-0cff-0310-8789-dd5450dbe970
src/lib/gssapi/spnego/spnego_mech.c
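
The bug class named in the commit message, a claimed DER length larger than the bytes actually present, shown as an added C example; it is not the krb5 patch or any code from this commit. The function names and sample byte strings are constructed for illustration, and the parser checks bounds only, not DER minimal-encoding rules.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not krb5 code): decode a DER definite length at *pp
 * and reject it unless that many bytes really remain before `end`. */
static int der_read_length(const uint8_t **pp, const uint8_t *end, size_t *out)
{
    const uint8_t *p = *pp;
    size_t len = 0;

    if (p >= end) return -1;
    uint8_t first = *p++;
    if (first < 0x80) {
        len = first;                                 /* short form */
    } else {
        size_t n = first & 0x7f;                     /* count of length octets */
        if (n == 0 || n > sizeof(size_t)) return -1; /* indefinite or too wide */
        if ((size_t)(end - p) < n) return -1;        /* length octets truncated */
        while (n--) len = (len << 8) | *p++;
    }
    if (len > (size_t)(end - p)) return -1;          /* claimed > remaining */
    *pp = p;
    *out = len;
    return 0;
}

/* Read one TLV with the expected tag; on success *val points at the value. */
int der_read_tlv(const uint8_t *buf, size_t buflen, uint8_t tag,
                 const uint8_t **val, size_t *vlen)
{
    const uint8_t *p = buf, *end = buf + buflen;
    if (buflen == 0 || *p++ != tag) return -1;
    if (der_read_length(&p, end, vlen) != 0) return -1;
    *val = p;
    return 0;
}

/* Constructed sample inputs (OCTET STRING, tag 0x04). */
const uint8_t sample_ok[]        = { 0x04, 0x03, 'a', 'b', 'c' };
const uint8_t sample_overclaim[] = { 0x04, 0x7f, 'a', 'b', 'c' };   /* says 127 */
const uint8_t sample_long_over[] = { 0x04, 0x82, 0x01, 0x00, 'a' }; /* says 256 */
const uint8_t sample_trunc_len[] = { 0x04, 0x82, 0x01 };            /* cut off */

int main(void)
{
    const uint8_t *v; size_t n;
    printf("ok=%d\n", der_read_tlv(sample_ok, sizeof sample_ok, 0x04, &v, &n));
    printf("overclaim=%d\n", der_read_tlv(sample_overclaim, sizeof sample_overclaim, 0x04, &v, &n));
    return 0;
}
```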