]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eebe17c) | patch
Null pointer deref in kadmind [CVE-2012-1013]
authorRichard Basch <basch@alum.mit.edu>
Tue, 29 May 2012 18:07:03 +0000 (14:07 -0400)
committerGreg Hudson <ghudson@mit.edu>
Tue, 29 May 2012 18:10:27 +0000 (14:10 -0400)
commitc5be6209311d4a8f10fda37d0d3f876c1b33b77b
tree7788c82ab07f3de54c633d0f8982cf9bad6fc029tree
parenteebe17cce0dfaaeb403fe97c6e2048dda32226f1commit | diff
Null pointer deref in kadmind [CVE-2012-1013]

The fix for #6626 could cause kadmind to dereference a null pointer if
a create-principal request contains no password but does contain the
KRB5_KDB_DISALLOW_ALL_TIX flag (e.g. "addprinc -randkey -allow_tix
name").  Only clients authorized to create principals can trigger the
bug.  Fix the bug by testing for a null password in check_1_6_dummy.

CVSSv2 vector: AV:N/AC:M/Au:S/C:N/I:N/A:P/E:H/RL:O/RC:C

[ghudson@mit.edu: Minor style change and commit message]

ticket: 7152
target_version: 1.10.2
tags: pullup
src/lib/kadm5/srv/svr_principal.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git