* [gentoo-commits] gentoo-x86 commit in app-crypt/mit-krb5/files: CVE-2002-2443.patch
@ 2013-05-14 6:01 Eray Aslan (eras)
0 siblings, 0 replies; 2+ messages in thread
From: Eray Aslan (eras) @ 2013-05-14 6:01 UTC (permalink / raw
To: gentoo-commits
eras 13/05/14 06:01:50
Added: CVE-2002-2443.patch
Log:
Security bump - bug #469752
(Portage version: 2.2.0_alpha174/cvs/Linux x86_64, signed Manifest commit with key 0x77F1F175586A3B1F)
Revision Changes Path
1.1 app-crypt/mit-krb5/files/CVE-2002-2443.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/mit-krb5/files/CVE-2002-2443.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/mit-krb5/files/CVE-2002-2443.patch?rev=1.1&content-type=text/plain
Index: CVE-2002-2443.patch
===================================================================
From cf1a0c411b2668c57c41e9c4efd15ba17b6b322c Mon Sep 17 00:00:00 2001
From: Tom Yu <tlyu@mit.edu>
Date: Fri, 3 May 2013 16:26:46 -0400
Subject: [PATCH] Fix kpasswd UDP ping-pong [CVE-2002-2443]
The kpasswd service provided by kadmind was vulnerable to a UDP
"ping-pong" attack [CVE-2002-2443]. Don't respond to packets unless
they pass some basic validation, and don't respond to our own error
packets.
Some authors use CVE-1999-0103 to refer to the kpasswd UDP ping-pong
attack or UDP ping-pong attacks in general, but there is discussion
leading toward narrowing the definition of CVE-1999-0103 to the echo,
chargen, or other similar built-in inetd services.
Thanks to Vincent Danen for alerting us to this issue.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C
ticket: 7637 (new)
target_version: 1.11.3
tags: pullup
---
src/kadmin/server/schpw.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c
index 15b0ab5..7f455d8 100644
--- a/src/kadmin/server/schpw.c
+++ b/src/kadmin/server/schpw.c
@@ -52,7 +52,7 @@
ret = KRB5KRB_AP_ERR_MODIFIED;
numresult = KRB5_KPASSWD_MALFORMED;
strlcpy(strresult, "Request was truncated", sizeof(strresult));
- goto chpwfail;
+ goto bailout;
}
ptr = req->data;
@@ -67,7 +67,7 @@
numresult = KRB5_KPASSWD_MALFORMED;
strlcpy(strresult, "Request length was inconsistent",
sizeof(strresult));
- goto chpwfail;
+ goto bailout;
}
/* verify version number */
@@ -80,7 +80,7 @@
numresult = KRB5_KPASSWD_BAD_VERSION;
snprintf(strresult, sizeof(strresult),
"Request contained unknown protocol version number %d", vno);
- goto chpwfail;
+ goto bailout;
}
/* read, check ap-req length */
@@ -93,7 +93,7 @@
numresult = KRB5_KPASSWD_MALFORMED;
strlcpy(strresult, "Request was truncated in AP-REQ",
sizeof(strresult));
- goto chpwfail;
+ goto bailout;
}
/* verify ap_req */
--
1.8.1.6
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] gentoo-x86 commit in app-crypt/mit-krb5/files: CVE-2002-2443.patch
@ 2013-11-18 16:28 Eray Aslan (eras)
0 siblings, 0 replies; 2+ messages in thread
From: Eray Aslan (eras) @ 2013-11-18 16:28 UTC (permalink / raw
To: gentoo-commits
eras 13/11/18 16:28:11
Removed: CVE-2002-2443.patch
Log:
Remove vulnerable
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 0x77F1F175586A3B1F)
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-11-18 16:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-05-14 6:01 [gentoo-commits] gentoo-x86 commit in app-crypt/mit-krb5/files: CVE-2002-2443.patch Eray Aslan (eras)
-- strict thread matches above, loose matches on Subject: below --
2013-11-18 16:28 Eray Aslan (eras)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox