MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow
Mike Friedman
mikef at ack.berkeley.edu
Wed Jun 27 17:15:38 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Russ,
You said your patch is for 1.4.4. I'm running 1.4.2 and everything seems
to match except that in kadmin/server/misc.c, your patch inserts code at
line 171 (the end) and my version of misc.c has only 151 lines! Is it
really the case that about 20 lines got added to this module between 1.4.2
and 1.4.4?
Thanks.
Mike
_________________________________________________________________________
Mike Friedman Information Services & Technology
mikef at ack.Berkeley.EDU 2484 Shattuck Avenue
1-510-642-1410 University of California at Berkeley
http://socrates.berkeley.edu/~mikef http://ist.berkeley.edu
_________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
iQA/AwUBRoLTfa0bf1iNr4mCEQLGIQCgkMh0rmmokwNtnUhd7Oum1xgRuj0AoOtq
00m/wPip6Px4Dw0VeiXFA3hy
=T8xR
-----END PGP SIGNATURE-----
More information about the krbdev
mailing list