CVE-2009-0847
published 2009-04-09


Priority:  P4 15 (medium)
CVSS 2.0:  4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
EPSS:      2.77% (84.5th percentile)
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.

Affected

6 ranges

Vendor   Product    Version range                            Fixed in
debian   krb5       < krb5 1.6.dfsg.4~beta1-13 (bookworm)    krb5 1.6.dfsg.4~beta1-13 (bookworm)
mit      kerberos
mit      krb5       >= 0, < 1.6.dfsg.4~beta1-13              1.6.dfsg.4~beta1-13
mit      krb5       >= 0, < 1.6.dfsg.4~beta1-13              1.6.dfsg.4~beta1-13
mit      krb5       >= 0, < 1.6.dfsg.4~beta1-13              1.6.dfsg.4~beta1-13
mit      krb5       >= 0, < 1.6.dfsg.4~beta1-13              1.6.dfsg.4~beta1-13

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v2.0      4.3     MEDIUM     AV:N/AC:M/Au:N/C:N/I:N/A:P
osv                       4.3     MEDIUM
vendor_debian             4.3     MEDIUM
vendor_redhat             4.3     MEDIUM