MIT Kerberos 1.7 krb5kdc SEGV
Tom Yu
tlyu at MIT.EDU
Mon Dec 28 22:05:12 EST 2009
Jeff Blaine <jblaine at kickflop.net> writes:
> MIT Kerberos 1.7 built on Solaris 10 SPARC
>
> Runs fine generally.
>
> Got it to crash today when:
>
> PuTTY-GSSAPI connecting to a CentOS 5.3 box's sshd (box
> is a krb5 client and is configured to do krb5 auth via PAM)
>
> For more details, ask me specifics please
>
> signal SEGV (no mapping at the fault address) in klog_com_err_proc at
> line 221 in file "logger.c"
> 221 if ((((unsigned char) *format) > 0) && (((unsigned char)
> *format) <= 8)) {
> (dbx) where
> =>[1] klog_com_err_proc(whoami = 0xffbffe2b "krb5kdc", code =
> -1765328141, format = (nil), ap = 0xffbfe4a0), line 221 in "logger.c"
> [2] com_err_va(whoami = 0xff2d1c98 "", code = -1765328141, fmt =
> (nil), ap = 0xffbfe4a0), line 112 in "com_err.c"
> [3] kdc_err(call_context = 0x96c73af3, code = -1765328141, fmt =
> (nil), ...), line 121 in "main.c"
Thanks. This is the topic of a security advisory published today:
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-003.txt
(It's not a terribly serious vulnerability, but you probably want the
patch anyway.)
More information about the krbdev
mailing list