730393 – (CVE-2011-1530) VUL-0: CVE-2011-1530: krb5: KDC null pointer dereference in TGS handling

Bug 730393 (CVE-2011-1530) - VUL-0: CVE-2011-1530: krb5: KDC null pointer dereference in TGS handling

Summary: VUL-0: CVE-2011-1530: krb5: KDC null pointer dereference in TGS handling

Status:	RESOLVED FIXED

Alias:	CVE-2011-1530

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	General (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2011-11-15 09:57 UTC by Ludwig Nussel
Modified:	2017-07-03 07:34 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ludwig Nussel 2011-11-15 09:57:35 UTC

Your friendly security team received the following report via security@suse.de.
Please respond ASAP.
This issue is not public yet, please keep any information about it inside SUSE.
Note that build.opensuse.org *cannot* be used to prepare embargoed updates.

It was found that krb5's KDC since version 1.9 could be made to crash on a NULL pointer deref. Remote authenticated users could exploit that to crash KDC.

Comment 2 Michael Calmer 2011-11-15 10:07:42 UTC

We have krb5 1.9 only on 12.1 and FACTORY.

Comment 3 Swamp Workflow Management 2011-11-15 23:00:14 UTC

bugbot adjusting priority

Comment 5 Michael Calmer 2011-11-21 10:36:52 UTC

See Bug 731648 for the 

  fix KDC HA feature introduced with implementing KDC poll

Comment 6 Michael Calmer 2011-12-07 08:58:18 UTC

This bug is public now. I have performed a submit request to openSUSE 12.1 and Factory.
Both SRs also include the fix for Bug 731648.

Re-assign to security team for tracking.

Comment 7 Bernhard Wiedemann 2011-12-07 09:00:18 UTC

This is an autogenerated message for OBS integration:
This bug (730393) was mentioned in
https://build.opensuse.org/request/show/95685 12.1 / krb5
https://build.opensuse.org/request/show/95686 Factory / krb5

Comment 8 Matthias Weckbecker 2011-12-07 10:27:30 UTC

CVE-2011-1530

Comment 9 Ludwig Nussel 2011-12-08 16:39:34 UTC

released