[3.2] krb5: null pointer dereference in kadmin (CVE-2016-3119)
The process_db_args function in
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module
in kadmind in MIT
Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1
mishandles the DB argument, which allows remote authenticated
users to cause a denial of service (NULL pointer dereference and daemon
crash) via a crafted request to modify a principal.
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3119
Patch:
https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99
(from redmine: issue id 5455, created on 2016-04-20, closed on 2016-05-10)
- Relations:
- parent #5452 (closed)
- Changesets:
- Revision 05938f5d on 2016-05-06T08:11:50Z:
main/krb5: security fix (CVE-2016-3119). Fixes #5455