Lucene search
RootSSV:15157HistoryDec 29, 2009 - 12:00 a.m.
MIT Kerberos KDC跨域Referral空指针引用拒绝服务漏洞
2009-12-2900:00:00
Root
www.seebug.org
15
0.895 High
EPSS
Percentile
98.5%
BUGTRAQ ID: 37486
CVE ID: CVE-2009-3295
Kerberos是一款广泛使用的使用强壮的加密来验证客户端和服务器端的网络协议。MIT Kerberos 5是一种常用的开源Kerberos实现。
krb5的KDC跨域referral处理代码中存在空指针引用漏洞,未经认证的远程攻击者可以通过发送特制请求导致KDC崩溃。
MIT Kerberos 5 1.7
临时解决方法:
-
通过使用no_host_referral = *设置禁用域referral功能:
[kdcdefaults] no_host_referral = *或者
[realms] EXAMPLE.COM = { # ... other configuration settings ... no_host_referral = * }
厂商补丁:
MIT
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
securityvulns
securityvulns
MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing
2009-12-29 00:00:00
MIT Kerberos 5 DoS
2009-12-29 00:00:00
openvas
openvas
Fedora Update for krb5 FEDORA-2009-13539
2010-01-15 00:00:00
MIT Kerberos5 KDC Cross Realm Referral DoS Vulnerability
2010-01-22 00:00:00
Ubuntu: Security Advisory (USN-879-1)
2010-01-15 00:00:00
checkpoint_advisories
checkpoint_advisories
MIT Kerberos KDC Cross Realm Referral Denial of Service (CVE-2009-3295)
2011-05-17 00:00:00
prion
prion
Null pointer dereference
2009-12-29 20:41:00
nessus
nessus
Fedora 12 : krb5-1.7-15.fc12 (2009-13539)
2010-02-25 00:00:00
Ubuntu 9.10 : krb5 vulnerability (USN-879-1)
2013-03-09 00:00:00
openSUSE Security Update : krb5 (krb5-1795)
2010-01-20 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: krb5-1.7-15.fc12
2010-01-05 22:54:25
[SECURITY] Fedora 12 Update: krb5-1.7.1-2.fc12
2010-02-18 22:26:48
[SECURITY] Fedora 12 Update: krb5-1.7.1-6.fc12
2010-03-27 00:55:38
ubuntucve
ubuntucve
CVE-2009-3295
2009-12-29 00:00:00
ubuntu
ubuntu
Kerberos vulnerability
2010-01-06 00:00:00
debiancve
debiancve
CVE-2009-3295
2009-12-29 20:41:00
cve
cve
CVE-2009-3295
2009-12-29 20:41:00
suse
suse
remote code execution in krb5
2010-01-19 17:05:33
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2012-01-23 00:00:00