Skip Menu |
 

History Show all quoted textShow full headers
# Mon Mar 06 12:53:07 2006 "Leena Pachkawde" <leenalp@gmail.com> - Ticket created
Date: Sun, 5 Mar 2006 23:49:59 +0530
From: "Leena Pachkawde" <leenalp@gmail.com>
To: krb5-bugs@mit.edu
Subject: MIT Kerberose 1.3.5 vulnerability
Download (untitled) / with headers
text/plain 497B
Download (untitled) / with headers
text/html 658B
Hello,

         I am an engineering student from Pune Institute of Computer Technology and doing a project on heap corruption issues. My project is in Linux. I am trying to avoid some of the heap corruptions caused by applications. My request to you is that if you could forward me the heap  overflow vunerability in kerberos 1.3.5,  it shall help in testing my prototype.  I have tried to obtain the  exploit code  but cannot find it. 
I shall be obliged to recieve your reply.

Thank You

Leena.
# Mon Mar 06 22:47:08 2006 "Leena Pachkawde" <leenalp@gmail.com> - Ticket #3493: - Ticket created
Date: Tue, 7 Mar 2006 09:17:05 +0530
From: "Leena Pachkawde" <leenalp@gmail.com>
To: krb5-bugs@mit.edu, rt@krbdev.mit.edu
Subject: krbdev.mit.edu #3492
Download (untitled) / with headers
text/plain 496B
Download (untitled) / with headers
text/html 597B
Hello,

        I am an engineering student from Pune Institute of Computer
Technology and doing a project on heap corruption issues. My project is in
Linux. I am trying to avoid some of the heap corruptions caused by
applications. My request to you is that if you could forward me the heap
overflow vunerability in kerberos 1.3.5,  it shall help in testing my
prototype.  I have tried to obtain the  exploit code  but cannot find it.
I shall be obliged to recieve your reply.

Thank You

Leena.

# Tue Mar 07 14:35:16 2006 tlyu (Taylor Yu) - Ticket #3493: - Ticket 3493 MergedInto ticket 3492.
# Tue Mar 07 15:43:06 2006 "Leena Pachkawde" <leenalp@gmail.com> - Ticket #3500: - Ticket created
Date: Tue, 7 Mar 2006 09:17:05 +0530
From: "Leena Pachkawde" <leenalp@gmail.com>
To: krb5-bugs@mit.edu, rt@krbdev.mit.edu
Subject: krbdev.mit.edu #3492
Download (untitled) / with headers
text/plain 496B
Download (untitled) / with headers
text/html 597B
Hello,

        I am an engineering student from Pune Institute of Computer
Technology and doing a project on heap corruption issues. My project is in
Linux. I am trying to avoid some of the heap corruptions caused by
applications. My request to you is that if you could forward me the heap
overflow vunerability in kerberos 1.3.5,  it shall help in testing my
prototype.  I have tried to obtain the  exploit code  but cannot find it.
I shall be obliged to recieve your reply.

Thank You

Leena.

# Tue Mar 07 16:03:49 2006 tlyu (Taylor Yu) - Correspondence added
To: rt@krbdev.mit.edu
Subject: Re: [krbdev.mit.edu #3492] MIT Kerberose 1.3.5 vulnerability
From: Tom Yu <tlyu@MIT.EDU>
Date: Tue, 07 Mar 2006 16:03:43 -0500
RT-Send-Cc:
Download (untitled) / with headers
text/plain 394B
Hi,

It is not necessary to resend your message multiple times.

It would be helpful if you were more specific about which
vulnerability you are asking about. I infer that you mean

MITKRB5-SA-2004-004 / CERT VU#948033 / CVE CAN-2004-1189

though I'm not certain.

We do not generally make exploit code available, and we are not aware
of published exploit code for this vulnerability.

---Tom
# Wed Apr 05 18:03:26 2006 tlyu (Taylor Yu) - Status changed from 'new' to 'resolved'
# Wed Apr 05 18:03:27 2006 tlyu (Taylor Yu) - Tags nochange added