CVE-2009-0845 — Improper Input Validation in Kerberos

CWE-20 — Improper Input Validation CWE-476 — NULL Pointer Dereference10 documents8 sources

Severity

5.0MEDIUMNVD

EPSS

19.3%

top 4.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

MIT Krb5 MIT Kerberos MIT Kerberos 5

Timeline

PublishedMar 27

Latest updateMay 2

Description

The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶Debianmit/krb5< 1.6.dfsg.4~beta1-13+3

▶NVDmit/kerberos5-1.6.3

▶NVDmit/kerberos_57 versions+6

🔴Vulnerability Details

GHSA

GHSA-74gr-5fw9-9jj5: The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech↗2022-05-02

▶

CVEList

CVE-2009-0845: The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech↗2009-03-27

▶

OSV

CVE-2009-0845: The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech↗2009-03-27

▶

📋Vendor Advisories

Ubuntu

Kerberos vulnerabilities↗2009-04-07

▶

Red Hat

krb5: NULL pointer dereference in GSSAPI SPNEGO (MITKRB5-SA-2009-001)↗2009-03-13

▶

Debian

CVE-2009-0845: krb5 - The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in...↗2009

▶

💬Community

Bugzilla

CVE-2010-0628 krb5: Assertion failure in GSSAPI SPNEGO mechanism (MITKRB5-SA-2010-002)↗2010-02-17

▶

Bugzilla

CVE-2009-0844 krb5: buffer over-read in SPNEGO GSS-API mechanism (MITKRB5-SA-2009-001)↗2009-03-19

▶

Bugzilla

CVE-2009-0845 krb5: NULL pointer dereference in GSSAPI SPNEGO (MITKRB5-SA-2009-001)↗2009-03-17

▶