CVE-2006-5989 - OpenCVE

Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Mod Auth Kerb	Mod Auth Kerb

Configuration 1 [-]

cpe:2.3:a:mod_auth_kerb:mod_auth_kerb:5.0:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/23023
http://secunia.com/advisories/23251
http://secunia.com/advisories/23681
http://secunia.com/advisories/23820
http://security.gentoo.org/glsa/glsa-200701-14.xml
http://securitytracker.com/id?1017348
http://www.debian.org/security/2007/dsa-1247
http://www.mandriva.com/security/advisories?name=MDKSA-2006:218
http://www.redhat.com/support/errata/RHSA-2006-0746.html
http://www.securityfocus.com/bid/21214
http://www.vupen.com/english/advisories/2006/4633
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=136650
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206736
https://exchange.xforce.ibmcloud.com/vulnerabilities/30456
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10051

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2006-11-20T21:00:00

Updated: 2017-10-10T00:57:01

Reserved: 2006-11-20T00:00:00

Link: CVE-2006-5989

JSON object: View

NVD Information

Status : Modified

Published: 2006-11-20T21:07:00.000

Modified: 2017-10-11T01:31:23.610

Link: CVE-2006-5989

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-09-19T00:00:00", "descriptions": [{"lang": "en", "value": "Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=136650"}, {"name": "23251", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23251"}, {"name": "23681", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23681"}, {"name": "DSA-1247", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1247"}, {"name": "21214", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21214"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206736"}, {"name": "23023", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23023"}, {"name": "23820", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23820"}, {"name": "RHSA-2006:0746", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0746.html"}, {"name": "apache-modauthkerb-offbyone-bo(30456)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30456"}, {"name": "MDKSA-2006:218", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:218"}, {"name": "1017348", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017348"}, {"name": "ADV-2006-4633", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4633"}, {"name": "GLSA-200701-14", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200701-14.xml"}, {"name": "oval:org.mitre.oval:def:10051", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10051"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-5989", "datePublished": "2006-11-20T21:00:00", "dateReserved": "2006-11-20T00:00:00", "dateUpdated": "2017-10-10T00:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mod_auth_kerb:mod_auth_kerb:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F9E125B8-F1E1-4919-8B92-F4F37F628A5C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array."}, {"lang": "es", "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n der_get_oid de mod_auth_derb 5.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante un mensaje Kerberos manipulado que provoca un desbordamiento de b\u00fafer basado en mont\u00f3n en el array de componentes."}], "id": "CVE-2006-5989", "lastModified": "2017-10-11T01:31:23.610", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-11-20T21:07:00.000", "references": [{"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/23023"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/23251"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/23681"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/23820"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200701-14.xml"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1017348"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1247"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:218"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0746.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/21214"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/4633"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=136650"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206736"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30456"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10051"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}