MITKRB5-SA-2009-003 CVE-2009-3295 KDC null deref in referrals
author Tom Yu <tlyu@mit.edu>
Tue, 29 Dec 2009 02:42:51 +0000 (02:42 +0000)
committer Tom Yu <tlyu@mit.edu>
Tue, 29 Dec 2009 02:42:51 +0000 (02:42 +0000)
commit 289555f989b42f2b8d13efe4904dc3515433d5e5
tree 10058cd9b1cbc5ad04a7198b5b9a050e2c4c1017
parent 2656433242405bba721ff2dd46047a38669a3fd3
MITKRB5-SA-2009-003 CVE-2009-3295 KDC null deref in referrals

On certain error conditions, prep_reprocess_req() calls kdc_err() with
a null pointer as the format string, causing a null dereference and
denial of service.  Legitimate protocol requests can trigger this
problem.

ticket: 6608
tags: pullup
target_version: 1.7.1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23533 dc483132-0cff-0310-8789-dd5450dbe970
src/kdc/do_tgs_req.c
src/lib/kadm5/logger.c
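
The failure mode named in the commit message, shown as an added example that is not part of this commit or of MIT krb5: a printf-style logger that tolerates a NULL format string instead of dereferencing it. `log_err`, `log_last`, `reprocess` and the message strings are hypothetical stand-ins, and the fallback text is an assumption about one reasonable way to handle the case.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style error logger; not MIT krb5 code. */
static char last_msg[256];      /* last formatted line, kept for inspection */

const char *log_last(void) { return last_msg; }

/*
 * Hardened callee: a NULL format is never handed to vsnprintf(), which
 * would dereference it. Returns 1 if the fallback text was substituted,
 * 0 otherwise.
 */
int log_err(long code, const char *fmt, ...)
{
    va_list ap;
    int n = snprintf(last_msg, sizeof(last_msg), "error %ld: ", code);
    size_t off = (n < 0) ? 0 : (size_t)n;

    if (off >= sizeof(last_msg))
        off = sizeof(last_msg) - 1;
    if (fmt == NULL) {
        snprintf(last_msg + off, sizeof(last_msg) - off,
                 "(no message supplied)");
        return 1;
    }
    va_start(ap, fmt);
    vsnprintf(last_msg + off, sizeof(last_msg) - off, fmt, ap);
    va_end(ap);
    return 0;
}

/*
 * Constructed caller showing the pattern: the message pointer starts as
 * NULL and only some error paths assign it before the logger is called.
 */
int reprocess(int fail_kind)
{
    const char *errfmt = NULL;

    if (fail_kind == 1)
        errfmt = "referral lookup failed";
    /* fail_kind == 2: errfmt is still NULL when it reaches log_err() */
    return log_err(-1L, errfmt);
}
```

A nonzero return from `log_err` marks a call site that reached the logger without a message, which is worth surfacing in testing even though the process no longer crashes.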