Vulnerability in N/a
CVE-2009-0846
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arb…
EPSS: 0.500 (97.9th percentile)
Affected products
- N/a — versions n/a
References
- 20090701 VMSA-2009-0008 ESX Service Console update for krb5 (mailing-list, x_refsource_BUGTRAQ)
- support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html (x_refsource_MISC)
- oval:org.mitre.oval:def:6301 (x_refsource_OVAL, signature, vdb-entry)
- MDVSA-2009:098 (vendor-advisory, x_refsource_MANDRIVA)
- VU#662091 (x_refsource_CERT-VN, third-party-advisory)
- 20090407 MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846] (mailing-list, x_refsource_BUGTRAQ)
- ADV-2009-0960 (vdb-entry, x_refsource_VUPEN)
- support.apple.com/kb/HT3549 (x_refsource_CONFIRM)
- support.avaya.com/elmodocs2/security/ASA-2009-142.htm (x_refsource_CONFIRM)
- 35667 (x_refsource_SECUNIA, third-party-advisory)