Definition



HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code

oval:org.mitre.oval:def:6387

The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.

Family: unix
Status: ACCEPTED
Platform(s):
  • HP-UX 11
Class: vulnerability
Reference(s):
  • CVE-2009-0847
Product(s):