Skip Menu |
 

From: ghudson@mit.edu
Subject: git commit

Check for null kadm5 policy name [CVE-2015-8630]

In kadm5_create_principal_3() and kadm5_modify_principal(), check for
entry->policy being null when KADM5_POLICY is included in the mask.

CVE-2015-8630:

In MIT krb5 1.12 and later, an authenticated attacker with permission
to modify a principal entry can cause kadmind to dereference a null
pointer by supplying a null policy value but including KADM5_POLICY in
the mask.

CVSSv2 Vector: AV:N/AC:H/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C

https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b
Author: Greg Hudson <ghudson@mit.edu>
Commit: b863de7fbf080b15e347a736fdda0a82d42f4f6b
Branch: master
src/lib/kadm5/srv/svr_principal.c | 12 ++++++++----
1 files changed, 8 insertions(+), 4 deletions(-)
From: tlyu@mit.edu
Subject: git commit

Check for null kadm5 policy name [CVE-2015-8630]

In kadm5_create_principal_3() and kadm5_modify_principal(), check for
entry->policy being null when KADM5_POLICY is included in the mask.

CVE-2015-8630:

In MIT krb5 1.12 and later, an authenticated attacker with permission
to modify a principal entry can cause kadmind to dereference a null
pointer by supplying a null policy value but including KADM5_POLICY in
the mask.

CVSSv2 Vector: AV:N/AC:H/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C

(cherry picked from commit b863de7fbf080b15e347a736fdda0a82d42f4f6b)

https://github.com/krb5/krb5/commit/46ed05100ed8b0a82e047089cec94147ff471fb1
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: 46ed05100ed8b0a82e047089cec94147ff471fb1
Branch: krb5-1.14
src/lib/kadm5/srv/svr_principal.c | 12 ++++++++----
1 files changed, 8 insertions(+), 4 deletions(-)
From: tlyu@mit.edu
Subject: git commit

Check for null kadm5 policy name [CVE-2015-8630]

In kadm5_create_principal_3() and kadm5_modify_principal(), check for
entry->policy being null when KADM5_POLICY is included in the mask.

CVE-2015-8630:

In MIT krb5 1.12 and later, an authenticated attacker with permission
to modify a principal entry can cause kadmind to dereference a null
pointer by supplying a null policy value but including KADM5_POLICY in
the mask.

CVSSv2 Vector: AV:N/AC:H/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C

(cherry picked from commit b863de7fbf080b15e347a736fdda0a82d42f4f6b)

https://github.com/krb5/krb5/commit/f9056a68f46e0bd1e3be5a4ec5f44655460d0ac9
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: f9056a68f46e0bd1e3be5a4ec5f44655460d0ac9
Branch: krb5-1.13
src/lib/kadm5/srv/svr_principal.c | 12 ++++++++----
1 files changed, 8 insertions(+), 4 deletions(-)