Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-0844HistoryApr 09, 2009 - 12:30 a.m.
CVE-2009-0844
2009-04-0900:30:00
Debian Security Bug Tracker
security-tracker.debian.org
8
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.031 Low
EPSS
Percentile
91.0%
The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
| Debian | 11 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
| Debian | 10 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
| Debian | 999 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
| Debian | 13 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
Related
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:37:20
ubuntucve
ubuntucve
CVE-2009-0844
2009-04-09 00:00:00
cve
cve
CVE-2009-0844
2009-04-09 00:30:00
prion
prion
Buffer overflow
2009-04-09 00:30:00
seebug
seebug
MIT Kerberos SPNEGOεASN.1ε€δΈͺζη»ζε‘ζΌζ΄
2009-04-10 00:00:00
openvas
openvas
CentOS Update for krb5-devel CESA-2009:0408 centos5 i386
2011-08-09 00:00:00
CentOS Update for krb5-devel CESA-2009:0408 centos5 i386
2011-08-09 00:00:00
RedHat Security Advisory RHSA-2009:0408
2009-04-15 00:00:00
centos
centos
krb5 security update
2009-04-08 12:00:24
vmware
vmware
ESX Service Console update for krb5
2009-06-30 00:00:00
ESX Service Console update for krb5
2009-06-30 00:00:00
nessus
nessus
VMSA-2009-0008 : ESX Service Console update for krb5
2009-07-27 00:00:00
VMware ESX Multiple Vulnerabilities (VMSA-2009-0008) (remote check)
2016-03-03 00:00:00
Scientific Linux Security Update : krb5 on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
securityvulns
securityvulns
redhat
redhat
(RHSA-2009:0408) Important: krb5 security update
2009-04-07 00:00:00
suse
suse
remote code execution in krb5
2009-04-08 16:25:40
debian
debian
[SECURITY] [DSA 1766-1] New krb5 packages fix several vulnerabilities
2009-04-09 01:33:24
fedora
fedora
[SECURITY] Fedora 9 Update: krb5-1.6.3-16.fc9
2009-04-07 23:23:58
[SECURITY] Fedora 10 Update: krb5-1.6.3-18.fc10
2009-04-07 23:24:17
osv
osv
krb5 - several vulnerabilities
2009-04-09 00:00:00
ubuntu
ubuntu
Kerberos vulnerabilities
2009-04-07 00:00:00
oraclelinux
oraclelinux
krb5 security update
2009-04-07 00:00:00
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2009-04-08 00:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.031 Low
EPSS
Percentile
91.0%
Related for DEBIANCVE:CVE-2009-0844