CVE
- Id
- 9072
- CVE No.
- CVE-2004-0644
- Status
- Candidate
- Description
- The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.
- Phase
- Assigned (20040708)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
| Id | CVE Id | CVE No. | Reference | Actions |
|---|---|---|---|---|
| 58969 | 9072 | CVE-2004-0644 | CONFIRM:http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt | View |
| 58970 | 9072 | CVE-2004-0644 | CERT:TA04-247A | View |
| 58971 | 9072 | CVE-2004-0644 | URL:http://www.us-cert.gov/cas/techalerts/TA04-247A.html | View |
| 58972 | 9072 | CVE-2004-0644 | CERT-VN:VU#550464 | View |
| 58973 | 9072 | CVE-2004-0644 | URL:http://www.kb.cert.org/vuls/id/550464 | View |
| 58974 | 9072 | CVE-2004-0644 | CONECTIVA:CLA-2004:860 | View |
| 58975 | 9072 | CVE-2004-0644 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860 | View |
| 58976 | 9072 | CVE-2004-0644 | DEBIAN:DSA-543 | View |
| 58977 | 9072 | CVE-2004-0644 | URL:http://www.debian.org/security/2004/dsa-543 | View |
| 58978 | 9072 | CVE-2004-0644 | GENTOO:GLSA-200409-09 | View |
| 58979 | 9072 | CVE-2004-0644 | URL:http://www.gentoo.org/security/en/glsa/glsa-200409-09.xml | View |
| 58980 | 9072 | CVE-2004-0644 | REDHAT:RHSA-2004:350 | View |
| 58981 | 9072 | CVE-2004-0644 | URL:http://rhn.redhat.com/errata/RHSA-2004-350.html | View |
| 58982 | 9072 | CVE-2004-0644 | TRUSTIX:2004-0045 | View |
| 58983 | 9072 | CVE-2004-0644 | URL:http://www.trustix.net/errata/2004/0045/ | View |
| 58984 | 9072 | CVE-2004-0644 | BUGTRAQ:20040913 [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos) | View |
| 58985 | 9072 | CVE-2004-0644 | URL:http://marc.info/?l=bugtraq&m=109508872524753&w=2 | View |
| 58986 | 9072 | CVE-2004-0644 | BID:11079 | View |
| 58987 | 9072 | CVE-2004-0644 | URL:http://www.securityfocus.com/bid/11079 | View |
| 58988 | 9072 | CVE-2004-0644 | OVAL:oval:org.mitre.oval:def:2139 | View |
| 58989 | 9072 | CVE-2004-0644 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2139 | View |
| 58990 | 9072 | CVE-2004-0644 | OVAL:oval:org.mitre.oval:def:10014 | View |
| 58991 | 9072 | CVE-2004-0644 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10014 | View |
| 58992 | 9072 | CVE-2004-0644 | XF:kerberos-asn1-library-dos(17160) | View |
Related JVN
| Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 62928 | JVNDB-2004-000270 | wvWare wv の wvHandleDateTimePicture() 関数におけるバッファオーバーフローの脆弱性 | wvWare wv には、field.c の wvHandleDateTimePicture() 関数において、渡された Word ファイルの DateTime フィールドの文字列長を適切にチェックしないため、バッファオーバーフローが発生する脆弱性が存在します。 | CVE-2004-0645 | 9072 | 10 | http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000270.html | View |
