Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-0845HistoryMar 27, 2009 - 4:30 p.m.
CVE-2009-0845
2009-03-2716:30:00
Debian Security Bug Tracker
security-tracker.debian.org
9
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.052 Low
EPSS
Percentile
92.9%
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
| Debian | 11 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
| Debian | 10 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
| Debian | 999 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
| Debian | 13 | all | krb5 | <Β 1.6.dfsg.4~beta1-13 | krb5_1.6.dfsg.4~beta1-13_all.deb |
Related
securityvulns
securityvulns
[ MDVSA-2009:082 ] krb5
2009-04-01 00:00:00
MIT Kerberos 5 DoS
2009-04-01 00:00:00
MITKRB5-SA-2010-002 denial of service in SPNEGO [CVE-2010-0628 VU#839413]
2010-03-25 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:082 (krb5)
2009-04-06 00:00:00
Mandrake Security Advisory MDVSA-2009:082 (krb5)
2009-04-06 00:00:00
CentOS Update for krb5-devel CESA-2009:0408 centos5 i386
2011-08-09 00:00:00
seebug
seebug
MIT Kerberos NegTokenInit什ηε€ηθΏη¨ζη»ζε‘ζΌζ΄
2009-03-28 00:00:00
prion
prion
Null pointer dereference
2009-03-27 16:30:00
cve
cve
CVE-2009-0845
2009-03-27 16:30:00
ubuntucve
ubuntucve
CVE-2009-0845
2009-03-27 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : krb5 (MDVSA-2009:082)
2009-04-23 00:00:00
VMSA-2009-0008 : ESX Service Console update for krb5
2009-07-27 00:00:00
VMware ESX Multiple Vulnerabilities (VMSA-2009-0008) (remote check)
2016-03-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:37:21
centos
centos
krb5 security update
2009-04-08 12:00:24
vmware
vmware
ESX Service Console update for krb5
2009-06-30 00:00:00
ESX Service Console update for krb5
2009-06-30 00:00:00
redhat
redhat
(RHSA-2009:0408) Important: krb5 security update
2009-04-07 00:00:00
suse
suse
remote code execution in krb5
2009-04-08 16:25:40
debian
debian
[SECURITY] [DSA 1766-1] New krb5 packages fix several vulnerabilities
2009-04-09 01:33:24
fedora
fedora
[SECURITY] Fedora 9 Update: krb5-1.6.3-16.fc9
2009-04-07 23:23:58
[SECURITY] Fedora 10 Update: krb5-1.6.3-18.fc10
2009-04-07 23:24:17
osv
osv
krb5 - several vulnerabilities
2009-04-09 00:00:00
ubuntu
ubuntu
Kerberos vulnerabilities
2009-04-07 00:00:00
oraclelinux
oraclelinux
krb5 security update
2009-04-07 00:00:00
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2009-04-08 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.052 Low
EPSS
Percentile
92.9%
Related for DEBIANCVE:CVE-2009-0845