What is the severity of REDHAT-BUG-490634?

REDHAT-BUG-490634 is classified as a denial of service vulnerability that could crash the krb5 daemon.

How do I fix REDHAT-BUG-490634?

To fix REDHAT-BUG-490634, update the MIT Kerberos software to the latest patched version available.

Who is affected by REDHAT-BUG-490634?

Local users of MIT Kerberos are affected by REDHAT-BUG-490634 due to the flaw in the GSS-API spnego implementation.

What does REDHAT-BUG-490634 exploit?

REDHAT-BUG-490634 exploits a null pointer dereference flaw via invalid ContextFlags for the reqFlags field.

What could happen if REDHAT-BUG-490634 is exploited?

If REDHAT-BUG-490634 is exploited, it could lead to a denial of service by crashing the krb5 daemon.

Vulnerability/
REDHAT-BUG-490634

high

CWE

476

17/3/2009

23/9/2023

REDHAT-BUG-490634: Null Pointer Dereference

First published: Tue Mar 17 2009(Updated: )

A null pointer dereference flaw was found in Kerberos's GSS-API spnego security mechanism implemenation. A local user could use this flaw to cause a denial of service (krb5 daemon crash) via invalid ContextFlags for the reqFlags field in the NegTokenInit (RFC 4178). References: <a href="http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402">http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402</a> Upstream patch: <a href="http://src.mit.edu/fisheye/changelog/krb5/?cs=22099">http://src.mit.edu/fisheye/changelog/krb5/?cs=22099</a>

Affected Software	Affected Version	How to fix
MIT Kerberos 5 Application

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-490634?
REDHAT-BUG-490634 is classified as a denial of service vulnerability that could crash the krb5 daemon.
How do I fix REDHAT-BUG-490634?
To fix REDHAT-BUG-490634, update the MIT Kerberos software to the latest patched version available.
Who is affected by REDHAT-BUG-490634?
Local users of MIT Kerberos are affected by REDHAT-BUG-490634 due to the flaw in the GSS-API spnego implementation.
What does REDHAT-BUG-490634 exploit?
REDHAT-BUG-490634 exploits a null pointer dereference flaw via invalid ContextFlags for the reqFlags field.
What could happen if REDHAT-BUG-490634 is exploited?
If REDHAT-BUG-490634 is exploited, it could lead to a denial of service by crashing the krb5 daemon.

agent/type
agent/last-modified-date
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2009-0845
agent/weakness
agent/references
agent/severity
agent/description
agent/event
agent/source
agent/tags
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/mit
canonical/mit kerberos 5 application

Frequently Asked Questions

What is the severity of REDHAT-BUG-490634?
REDHAT-BUG-490634 is classified as a denial of service vulnerability that could crash the krb5 daemon.
How do I fix REDHAT-BUG-490634?
To fix REDHAT-BUG-490634, update the MIT Kerberos software to the latest patched version available.
Who is affected by REDHAT-BUG-490634?
Local users of MIT Kerberos are affected by REDHAT-BUG-490634 due to the flaw in the GSS-API spnego implementation.
What does REDHAT-BUG-490634 exploit?
REDHAT-BUG-490634 exploits a null pointer dereference flaw via invalid ContextFlags for the reqFlags field.
What could happen if REDHAT-BUG-490634 is exploited?
If REDHAT-BUG-490634 is exploited, it could lead to a denial of service by crashing the krb5 daemon.

REDHAT-BUG-490634: Null Pointer Dereference

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-490634?

How do I fix REDHAT-BUG-490634?

Who is affected by REDHAT-BUG-490634?

What does REDHAT-BUG-490634 exploit?

What could happen if REDHAT-BUG-490634 is exploited?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of REDHAT-BUG-490634?

How do I fix REDHAT-BUG-490634?

Who is affected by REDHAT-BUG-490634?

What does REDHAT-BUG-490634 exploit?

What could happen if REDHAT-BUG-490634 is exploited?