diff options
author | Eray Aslan <eras@gentoo.org> | 2013-11-18 16:28:11 +0000 |
---|---|---|
committer | Eray Aslan <eras@gentoo.org> | 2013-11-18 16:28:11 +0000 |
commit | 2c2c4e2f5447472fc4d79ecd1677980bf5ace922 (patch) | |
tree | c1656edde1433b06223cc951fb0f904bff25acac /app-crypt/mit-krb5/files | |
parent | Version bump (diff) | |
download | gentoo-2-2c2c4e2f5447472fc4d79ecd1677980bf5ace922.tar.gz gentoo-2-2c2c4e2f5447472fc4d79ecd1677980bf5ace922.tar.bz2 gentoo-2-2c2c4e2f5447472fc4d79ecd1677980bf5ace922.zip |
Remove vulnerable
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 0x77F1F175586A3B1F)
Diffstat (limited to 'app-crypt/mit-krb5/files')
-rw-r--r-- | app-crypt/mit-krb5/files/CVE-2002-2443.patch | 69 |
1 files changed, 0 insertions, 69 deletions
diff --git a/app-crypt/mit-krb5/files/CVE-2002-2443.patch b/app-crypt/mit-krb5/files/CVE-2002-2443.patch deleted file mode 100644 index 3ef88155c5a1..000000000000 --- a/app-crypt/mit-krb5/files/CVE-2002-2443.patch +++ /dev/null @@ -1,69 +0,0 @@ -From cf1a0c411b2668c57c41e9c4efd15ba17b6b322c Mon Sep 17 00:00:00 2001 -From: Tom Yu <tlyu@mit.edu> -Date: Fri, 3 May 2013 16:26:46 -0400 -Subject: [PATCH] Fix kpasswd UDP ping-pong [CVE-2002-2443] - -The kpasswd service provided by kadmind was vulnerable to a UDP -"ping-pong" attack [CVE-2002-2443]. Don't respond to packets unless -they pass some basic validation, and don't respond to our own error -packets. - -Some authors use CVE-1999-0103 to refer to the kpasswd UDP ping-pong -attack or UDP ping-pong attacks in general, but there is discussion -leading toward narrowing the definition of CVE-1999-0103 to the echo, -chargen, or other similar built-in inetd services. - -Thanks to Vincent Danen for alerting us to this issue. - -CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C - -ticket: 7637 (new) -target_version: 1.11.3 -tags: pullup ---- - src/kadmin/server/schpw.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c -index 15b0ab5..7f455d8 100644 ---- a/src/kadmin/server/schpw.c -+++ b/src/kadmin/server/schpw.c -@@ -52,7 +52,7 @@ - ret = KRB5KRB_AP_ERR_MODIFIED; - numresult = KRB5_KPASSWD_MALFORMED; - strlcpy(strresult, "Request was truncated", sizeof(strresult)); -- goto chpwfail; -+ goto bailout; - } - - ptr = req->data; -@@ -67,7 +67,7 @@ - numresult = KRB5_KPASSWD_MALFORMED; - strlcpy(strresult, "Request length was inconsistent", - sizeof(strresult)); -- goto chpwfail; -+ goto bailout; - } - - /* verify version number */ -@@ -80,7 +80,7 @@ - numresult = KRB5_KPASSWD_BAD_VERSION; - snprintf(strresult, sizeof(strresult), - "Request contained unknown protocol version number %d", vno); -- goto chpwfail; -+ goto bailout; - } - - /* read, check ap-req length */ -@@ -93,7 +93,7 @@ - numresult = KRB5_KPASSWD_MALFORMED; - strlcpy(strresult, "Request was truncated in AP-REQ", - sizeof(strresult)); -- goto chpwfail; -+ goto bailout; - } - - /* verify ap_req */ --- -1.8.1.6 - |