[3.3] krb5: null pointer dereference in kadmin (CVE-2016-3119)
The process_db_args function in
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module
in kadmind in MIT
Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1
mishandles the DB argument, which allows remote authenticated
users to cause a denial of service (NULL pointer dereference and daemon
crash) via a crafted request to modify a principal.
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3119
Patch:
https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99
(from redmine: issue id 5454, created on 2016-04-20, closed on 2016-05-10)
- Relations:
- parent #5452 (closed)
- Changesets:
- Revision 45a08dc0 on 2016-05-05T13:25:20Z:
Security fix (CVE-2016-3119). Fixes #5454
(cherry picked from commit 563219286cc5231fa8d48ce13886e258e632bad5)