CVE-2008-0948Improper Restriction of Operations within the Bounds of a Memory Buffer in Kerberos 5

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents7 sources
Severity
9.3CRITICALNVD
EPSS
16.0%
top 5.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
MIT Krb5MIT Kerberos 5
Timeline
PublishedMar 19
Latest updateMay 1

Description

Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering a large number of open file descriptors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

Debianmit/krb5< 1.3-1+3
NVDmit/kerberos_51.2.2

🔴Vulnerability Details

3
GHSA
GHSA-9qjv-6f4r-w76q: Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize2022-05-01
CVEList
CVE-2008-0948: Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize2008-03-19
OSV
CVE-2008-0948: Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize2008-03-19

📋Vendor Advisories

2
Red Hat
krb5: incorrect handling of high-numbered file descriptors in RPC library2008-03-18
Debian
CVE-2008-0948: krb5 - Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc ...2008

💬Community

1
Bugzilla
CVE-2008-0948 krb5: incorrect handling of high-numbered file descriptors in RPC library2008-02-27
CVE-2008-0948 — MIT Kerberos 5 vulnerability | cvebase