PT-2011-1144 · Mit+1 · Mit Kerberos 5+1

Felipe Ortega · Published 2011-04-14 · Updated 2024-06-15 · CVE-2011-0285

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

MIT Kerberos 5 versions 1.7 through 1.9
krb5-server-1.8.2
krb5-libs-1.8.2
krb5-devel-1.8.2
krb5-server-ldap-1.8.2
krb5-pkinit-openssl-1.8.2
krb5-1.8.2
krb5-debuginfo-1.8.2
krb5-workstation-1.8.2

Description

The vulnerability can be exploited remotely, potentially leading to a breach of confidentiality, integrity, and availability of protected information. The process_chpw_request function in schpw.c in the password-changing functionality in kadmind frees an invalid pointer, allowing remote attackers to execute arbitrary code or cause a denial of service.

Recommendations

For MIT Kerberos 5 versions 1.7 through 1.9, update to a version later than 1.9 to resolve the issue. For krb5-server-1.8.2, krb5-libs-1.8.2, krb5-devel-1.8.2, krb5-server-ldap-1.8.2, krb5-pkinit-openssl-1.8.2, krb5-1.8.2, krb5-debuginfo-1.8.2, and krb5-workstation-1.8.2, consider disabling the password-changing functionality in kadmind until a patch is available. As a temporary workaround, restrict access to the vulnerable process_chpw_request function in schpw.c to minimize the risk of exploitation.

Exploit

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

BDU:2015-07293
BDU:2015-07300
BDU:2015-07305
BDU:2015-07310
BDU:2015-07312
BDU:2015-07317
BDU:2015-07320
BDU:2015-07325
BDU:2015-09426
CVE-2011-0285
OPENSUSE-SU-2024:10004-1
RHSA-2011:0447
RHSA-2011_0447

Affected Products

Mit Kerberos 5
Red Hat