[krbdev.mit.edu #6797] SVN Commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Tue Oct 5 17:05:20 EDT 2010
When the KDC receives certain TGS-REQ messages, it may dereference an
uninitialized pointer while processing authorization data, causing a
crash, or in rare cases, unauthorized information disclosure, ticket
modification, or execution of arbitrary code. The crash may be
triggered by legitimate requests.
Correctly implement the filtering of authorization data items to avoid
leaving uninitialized pointers when omitting items.
http://src.mit.edu/fisheye/changelog/krb5/?cs=24429
Commit By: tlyu
Revision: 24429
Changed Files:
U trunk/src/kdc/kdc_authdata.c
More information about the krb5-bugs
mailing list