Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Advisory: Heimdal kadmind version4 remote heap overflow

From: "Evgeny Demidov" <demidov () gleg net>
Date: Thu, 06 May 2004 02:47:22 +0400
Name: Heimdal kadmind version4 remote heap overflow 
Date:          6 May 2004
CVE candidate: CAN-2004-0434
Author:        Evgeny Demidov

Description:
There exists a remote preauth heap overflow vulnerability in Heimdal kadmind version4 support. All versions of Heimdal including 0.6.1 are known to be vulnerable.
Its recommended to disable Kerberos 4 support by runing kadmind with --no-kerberos4 option. 

Fix:

FreeBSD has issued an advisory:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc

Latest Heimdal snapshot also fixes the problem.

History:
The vulnerability has been discovered several months ago by Evgeny Demidov during Heimdal source code audit.
The details of the vulnerability has been made availabe to VulnDisco clients two weeks ago. 

Thanks:
Heimdal development team has been ready with a patch in a couple of hours after initial contact. 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: