{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-12-06T00:00:00", "descriptions": [{"lang": "en", "value": "In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-29T23:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878144"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/heimdal/heimdal/commit/1a6a6e462dc2ac6111f9e02c6852ddec4849b887"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.h5l.org/pipermail/heimdal-announce/2017-December/000008.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.h5l.org/pipermail/heimdal-discuss/2017-August/000259.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/heimdal/heimdal/issues/353"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://h5l.org/advisories.html?show=2017-12-08"}, {"name": "DSA-4055", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2017/dsa-4055"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-17439", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878144", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878144"}, {"name": "https://github.com/heimdal/heimdal/commit/1a6a6e462dc2ac6111f9e02c6852ddec4849b887", "refsource": "CONFIRM", "url": "https://github.com/heimdal/heimdal/commit/1a6a6e462dc2ac6111f9e02c6852ddec4849b887"}, {"name": "http://www.h5l.org/pipermail/heimdal-announce/2017-December/000008.html", "refsource": "CONFIRM", "url": "http://www.h5l.org/pipermail/heimdal-announce/2017-December/000008.html"}, {"name": "http://www.h5l.org/pipermail/heimdal-discuss/2017-August/000259.html", "refsource": "MISC", "url": "http://www.h5l.org/pipermail/heimdal-discuss/2017-August/000259.html"}, {"name": "https://github.com/heimdal/heimdal/issues/353", "refsource": "CONFIRM", "url": "https://github.com/heimdal/heimdal/issues/353"}, {"name": "http://h5l.org/advisories.html?show=2017-12-08", "refsource": "CONFIRM", "url": "http://h5l.org/advisories.html?show=2017-12-08"}, {"name": "DSA-4055", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2017/dsa-4055"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T20:51:31.511Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878144"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/heimdal/heimdal/commit/1a6a6e462dc2ac6111f9e02c6852ddec4849b887"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.h5l.org/pipermail/heimdal-announce/2017-December/000008.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.h5l.org/pipermail/heimdal-discuss/2017-August/000259.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/heimdal/heimdal/issues/353"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://h5l.org/advisories.html?show=2017-12-08"}, {"name": "DSA-4055", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2017/dsa-4055"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-17439", "datePublished": "2017-12-06T15:00:00", "dateReserved": "2017-12-06T00:00:00", "dateUpdated": "2024-08-05T20:51:31.511Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CFD4426-D9E3-4F45-8E0C-EC2DC17F5C00", "versionEndIncluding": "7.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c."}, {"lang": "es", "value": "En Heimdal hasta la versi\u00f3n 7.4 atacantes remotos no autenticados pueden provocar el cierre inesperado del KDC enviando un paquete UDP manipulado que contenga campos de datos vac\u00edos para el nombre del cliente o para el realm. En ese caso, el analizador sint\u00e1ctico desreferenciar\u00e1 punteros NULL incondicionalmente, lo que dar\u00e1 lugar a un fallo de segmentaci\u00f3n. Esto est\u00e1 relacionado con la funci\u00f3n _kdc_as_rep en kdc/kerberos5.c y la funci\u00f3n der_length_visible_string function en lib/asn1/der_length.c."}], "id": "CVE-2017-17439", "lastModified": "2024-11-21T03:17:56.440", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-06T15:29:00.250", "references": [{"source": "cve@mitre.org", "url": "http://h5l.org/advisories.html?show=2017-12-08"}, {"source": "cve@mitre.org", "url": "http://www.h5l.org/pipermail/heimdal-announce/2017-December/000008.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.h5l.org/pipermail/heimdal-discuss/2017-August/000259.html"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878144"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/heimdal/heimdal/commit/1a6a6e462dc2ac6111f9e02c6852ddec4849b887"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/heimdal/heimdal/issues/353"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2017/dsa-4055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h5l.org/advisories.html?show=2017-12-08"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.h5l.org/pipermail/heimdal-announce/2017-December/000008.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.h5l.org/pipermail/heimdal-discuss/2017-August/000259.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878144"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/heimdal/heimdal/commit/1a6a6e462dc2ac6111f9e02c6852ddec4849b887"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/heimdal/heimdal/issues/353"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2017/dsa-4055"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}