PublicDateAtUSN: 2013-03-04
Candidate: CVE-2012-1016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016
http://web.mit.edu/kerberos/www/krb5-1.10/
https://usn.ubuntu.com/usn/usn-2310-1
The pkinit_server_return_padata function in
plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key
Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4
attempts to find an agility KDF identifier in inappropriate circumstances,
which allows remote attackers to cause a denial of service (NULL pointer
dereference and daemon crash) via a crafted Draft 9 request.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702633
upstream: https://github.com/krb5/krb5/commit/db64ca25d661a47b996b4e2645998b5d7f0eb52c
Tags_krb5: universe-binary
upstream_krb5: released (1.10.4,1.10.1+dfsg-4+nmu1)
hardy_krb5: ignored (reached end-of-life)
lucid_krb5: not-affected (code not present)
oneiric_krb5: ignored (reached end-of-life)
precise_krb5: released (1.10+dfsg~beta1-2ubuntu0.5)
quantal_krb5: ignored (reached end-of-life)
raring_krb5: not-affected (1.10.1+dfsg-4+nmu1)
saucy_krb5: not-affected (1.10.1+dfsg-6.1ubuntu1)
trusty_krb5: not-affected (1.11.3+dfsg-3ubuntu2)
devel_krb5: not-affected (1.11.3+dfsg-3ubuntu2)