What is the severity of CVE-2009-0846?

CVE-2009-0846 has been classified with a critical severity level due to its potential to cause a denial of service or allow arbitrary code execution.

How do I fix CVE-2009-0846?

To resolve CVE-2009-0846, upgrade your MIT Kerberos installation to version 1.6.4 or later, which addresses this vulnerability.

What are the affected versions for CVE-2009-0846?

CVE-2009-0846 affects MIT Kerberos versions before 1.6.4, including various earlier versions such as 5-1.6.3, 1.5.3, and others.

What are the potential impacts of CVE-2009-0846?

The potential impacts of CVE-2009-0846 include daemon crashes and possible execution of arbitrary code by remote attackers.

Which systems are primarily affected by CVE-2009-0846?

CVE-2009-0846 primarily affects systems running MIT Kerberos 5, particularly those on platforms like Fedora, Ubuntu, and Red Hat.

Vulnerability/
CVE-2009-0846

critical

CWE

20 824

9/4/2009

9/2/2024

CVE-2009-0846: Input Validation

First published: Thu Apr 09 2009(Updated: )

The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Kerberos	=5-1.6.3
Kerberos
Kerberos	=1.1
Kerberos	=1.2
Kerberos	=1.2.1
Kerberos	=1.2.2
Kerberos	=1.2.3
Kerberos	=1.2.4
Kerberos	=1.2.5
Kerberos	=1.2.6
Kerberos	=1.2.7
Kerberos	=1.2.8
Kerberos	=1.3-alpha1
Kerberos	=1.3
Kerberos	=1.3.1
Kerberos	=1.3.2
Kerberos	=1.3.3
Kerberos	=1.3.4
Kerberos	=1.3.5
Kerberos	=1.3.6
Kerberos	=1.4
Kerberos	=1.4.1
Kerberos	=1.4.2
Kerberos	=1.4.3
Kerberos	=1.4.4
Kerberos	=1.5
Kerberos	=1.5.1
Kerberos	=1.5.2
Kerberos	=1.5.3
Kerberos	=1.6
Kerberos	=1.6.1
Kerberos	=1.6.2
Kerberos	=1.0
Kerberos	=1.0.6
Kerberos	=1.1.1
Kerberos	=1.2-beta1
Kerberos	=1.2-beta2
Kerberos	<1.6.4
Red Hat Fedora	=9
Red Hat Fedora	=10
Ubuntu	=6.06
Ubuntu	=7.10
Ubuntu	=8.04
Ubuntu	=8.10
Apple iOS and macOS	<10.5.7
Red Hat Enterprise Linux	=4.0
Red Hat Enterprise Linux Desktop	=3.0
Red Hat Enterprise Linux Desktop	=4.0
Red Hat Enterprise Linux Server EUS	=4.7
Red Hat Enterprise Linux Server	=2.0
Red Hat Enterprise Linux Server	=3.0
Red Hat Enterprise Linux Server	=4.0
Red Hat Enterprise Linux Workstation	=2.0
Red Hat Enterprise Linux Workstation	=3.0
Red Hat Enterprise Linux Workstation	=4.0

Remedy

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-0846?
CVE-2009-0846 has been classified with a critical severity level due to its potential to cause a denial of service or allow arbitrary code execution.
How do I fix CVE-2009-0846?
To resolve CVE-2009-0846, upgrade your MIT Kerberos installation to version 1.6.4 or later, which addresses this vulnerability.
What are the affected versions for CVE-2009-0846?
CVE-2009-0846 affects MIT Kerberos versions before 1.6.4, including various earlier versions such as 5-1.6.3, 1.5.3, and others.
What are the potential impacts of CVE-2009-0846?
The potential impacts of CVE-2009-0846 include daemon crashes and possible execution of arbitrary code by remote attackers.
Which systems are primarily affected by CVE-2009-0846?
CVE-2009-0846 primarily affects systems running MIT Kerberos 5, particularly those on platforms like Fedora, Ubuntu, and Red Hat.

agent/references
agent/type
agent/first-publish-date
agent/last-modified-date
agent/weakness
agent/remedy
agent/severity
agent/description
agent/event
agent/source
agent/author
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/tags
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/mit
canonical/kerberos
version/kerberos/5-1.6.3
version/kerberos/1.1
version/kerberos/1.2
version/kerberos/1.2.1
version/kerberos/1.2.2
version/kerberos/1.2.3
version/kerberos/1.2.4
version/kerberos/1.2.5
version/kerberos/1.2.6
version/kerberos/1.2.7
version/kerberos/1.2.8
version/kerberos/1.3-alpha1
version/kerberos/1.3
version/kerberos/1.3.1
version/kerberos/1.3.2
version/kerberos/1.3.3
version/kerberos/1.3.4
version/kerberos/1.3.5
version/kerberos/1.3.6
version/kerberos/1.4
version/kerberos/1.4.1
version/kerberos/1.4.2
version/kerberos/1.4.3
version/kerberos/1.4.4
version/kerberos/1.5
version/kerberos/1.5.1
version/kerberos/1.5.2
version/kerberos/1.5.3
version/kerberos/1.6
version/kerberos/1.6.1
version/kerberos/1.6.2
version/kerberos/1.0
version/kerberos/1.0.6
version/kerberos/1.1.1
version/kerberos/1.2-beta1
version/kerberos/1.2-beta2
vendor/fedoraproject
canonical/red hat fedora
version/red hat fedora/9
version/red hat fedora/10
vendor/canonical
canonical/ubuntu
version/ubuntu/6.06
version/ubuntu/7.10
version/ubuntu/8.04
version/ubuntu/8.10
vendor/apple
canonical/apple ios and macos
vendor/redhat
canonical/red hat enterprise linux
version/red hat enterprise linux/4.0
canonical/red hat enterprise linux desktop
version/red hat enterprise linux desktop/3.0
version/red hat enterprise linux desktop/4.0
canonical/red hat enterprise linux server eus
version/red hat enterprise linux server eus/4.7
canonical/red hat enterprise linux server
version/red hat enterprise linux server/2.0
version/red hat enterprise linux server/3.0
version/red hat enterprise linux server/4.0
canonical/red hat enterprise linux workstation
version/red hat enterprise linux workstation/2.0
version/red hat enterprise linux workstation/3.0
version/red hat enterprise linux workstation/4.0