Ticket History #5585: fix MITKRB5-SA-2007-004 [CVE-2007-2442/VU#356961, CVE-2007-2443/VU#365313]

# Tue Jun 26 14:08:25 2007 tlyu (Taylor Yu) - Ticket created

From:	tlyu@mit.edu
Subject:	SVN Commit

Download (untitled) / with headers
text/plain 349B

pointer. This may lead to execution of arbitrary code.

CVE-2007-2443/VU#365313: The RPC library can write past the end of a
stack buffer. This may (but is unlikely to) lead to execution of
arbitrary code.

Commit By: tlyu

Revision: 19636
Changed Files:
_U trunk/
U trunk/src/lib/rpc/svc_auth_gssapi.c
U trunk/src/lib/rpc/svc_auth_unix.c

# Tue Jun 26 14:08:28 2007 tlyu (Taylor Yu) - Requestor tlyu (Taylor Yu) added

# Tue Jun 26 14:08:28 2007 tlyu (Taylor Yu) - Status changed from 'new' to 'resolved'

# Tue Jun 26 14:08:29 2007 tlyu (Taylor Yu) - Tags pullup added

# Tue Jun 26 14:08:30 2007 tlyu (Taylor Yu) - Target_Version 1.6.2 added

# Tue Jun 26 14:29:45 2007 tlyu (Taylor Yu) - Version_Fixed 1.6.2 added

# Tue Jun 26 14:29:45 2007 tlyu (Taylor Yu) - Correspondence added

From:	tlyu@mit.edu
Subject:	SVN Commit

Download (untitled) / with headers
text/plain 688B

pull up r19636 from trunk

r19636@cathode-dark-space: tlyu | 2007-06-26 14:08:20 -0400
ticket: new
target_version: 1.6.2
tags: pullup
subject: fix MITKRB5-SA-2007-004 [CVE-2007-2442/VU#356961, CVE-2007-2443/VU#365313]

CVE-2007-2442/VU#356961: The RPC library can free an uninitialized
pointer. This may lead to execution of arbitrary code.

CVE-2007-2443/VU#365313: The RPC library can write past the end of a
stack buffer. This may (but is unlikely to) lead to execution of
arbitrary code.

Commit By: tlyu

Revision: 19638
Changed Files:
_U branches/krb5-1-6/
U branches/krb5-1-6/src/lib/rpc/svc_auth_gssapi.c
U branches/krb5-1-6/src/lib/rpc/svc_auth_unix.c

# Wed Dec 16 18:02:50 2015 tlyu (Taylor Yu) - CustomField pullup deleted