CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	delphij <delphij@FreeBSD.org>
	Wed, 12 Jul 2017 08:07:16 +0000 (08:07 +0000)
committer	delphij <delphij@FreeBSD.org>
	Wed, 12 Jul 2017 08:07:16 +0000 (08:07 +0000)
commit	19285e4939bf9d407078204de4e10a66650c6afa
tree	a03630872a4be9e342e738c46567a8e6d0fe4aae	tree \| snapshot
parent	101ebb49366149745702e4a1c7d19259e50228fc	commit \| diff

MFS r320907: MFC r320906: MFV r320905: Import upstream fix for
CVE-2017-11103.

In _krb5_extract_ticket() the KDC-REP service name must be obtained
from encrypted version stored in 'enc_part' instead of the unencrypted
version stored in 'ticket'. Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.

Submitted by: hrs
Obtained from: Heimdal
Security: FreeBSD-SA-17:05.heimdal
Security: CVE-2017-11103
Approved by: re (kib)

crypto/heimdal/lib/krb5/ticket.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom