Note recent MIT Kerberos 5 vulnerabilities.

svn path=/head/; revision=117768
2025-01-27 10:03:20 +00:00 · 2004-08-31 20:52:16 +00:00 · 2004-08-31 20:52:16 +00:00 · 89b2700d8f · 2021-03-31 03:12:20 +00:00
commit 89b2700d8f
parent e3b6ab4294
1 changed files with 74 additions and 0 deletions
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@ -32,6 +32,80 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="86a98b57-fb8e-11d8-9343-000a95bc6fae">
+    <topic>krb5 -- double-free vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>krb5</name>
+	<range><le>1.3.4</le></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>An advisory published by the MIT Kerberos team says:</p>
+	<blockquote cite="http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt">
+	  <p>The MIT Kerberos 5 implementation's Key Distribution Center
+	    (KDC) program contains a double-free vulnerability that
+	    potentially allows a remote attacker to execute arbitrary code.
+	    Compromise of a KDC host compromises the security of the entire
+	    authentication realm served by the KDC.  Additionally, double-free
+	    vulnerabilities exist in MIT Kerberos 5 library code, making
+	    client programs and application servers vulnerable.</p>
+	</blockquote>
+	<p>Double-free vulnerabilities of this type are not believed to be
+	  exploitable for code execution on FreeBSD systems.  However, 
+	  the potential for other ill effects may exist.</p>
+      </body>
+    </description>
+    <references>
+      <cvename>CAN-2004-0642</cvename>
+      <cvename>CAN-2004-0643</cvename>
+      <cvename>CAN-2004-0772</cvename>
+      <certvu>795632</certvu>
+      <certvu>866472</certvu>
+      <certvu>350792</certvu>
+      <url>http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt</url>
+    </references>
+    <dates>
+      <discovery>2004-08-31</discovery>
+      <entry>2004-08-31</entry>
+    </dates>
+  </vuln>
+
+  <vuln vid="bd60922b-fb8d-11d8-a13e-000a95bc6fae">
+    <topic>krb5 -- ASN.1 decoder denial-of-service vulnerability</topic>
+    <affects>
+      <package>
+	<name>krb5</name>
+	<range><ge>1.2.2</ge><le>1.3.4</le></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>An advisory published by the MIT Kerberos team says:</p>
+	<blockquote cite="http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt">
+	  <p>The ASN.1 decoder library in the MIT Kerberos 5 distribution
+	    is vulnerable to a denial-of-service attack causing an infinite
+	    loop in the decoder.  The KDC is vulnerable to this attack.</p>
+	  <p>An unauthenticated remote attacker can cause a KDC or application
+	    server to hang inside an infinite loop.</p>
+	  <p>An attacker impersonating a legitimate KDC or application
+	    server may cause a client program to hang inside an infinite
+  	    loop.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CAN-2004-0644</cvename>
+      <certvu>550464</certvu>
+      <url>http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt</url>
+    </references>
+    <dates>
+      <discovery>2004-08-31</discovery>
+      <entry>2004-08-31</entry>
+    </dates>
+  </vuln>
+
  <vuln vid="ba005226-fb5b-11d8-9837-000c41e2cdad">
    <topic>imlib2 -- BMP decoder buffer overflow</topic>
    <affects>