MIT Kerberos Uninitialized Pointer Reference Vulnerability

(CVE-2009-0846)
An implementation vulnerability has been discovered in the MIT Kerberos server V5. This affects popular operating systems including Red Hat Linux and Sun Microsystems Solaris.

MIT Kerberos V5 is an implementation of the Kerberos protocol that allows for the negotiation of an authenticated, and optionally encrypted, communication channel between two points on a network. The MIT Kerberos V5 server utilizes the encrypted SUN-RPC protocol to communicate with its remote clients.

The vulnerability is a memory corruption error in the MIT Kerberos server, caused by the release of an uninitialized pointer in the ASN.1 decoder while it decodes maliciously crafted data. A remote attacker may exploit this vulnerability via a specially crafted RPC request. Successful exploitation will allow an attacker to execute malicious code on an affected system or to create a denial of service condition.
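The bug class described above, a cleanup path that frees a pointer the decoder never set, is shown here in its corrected form as an added illustration. This is not MIT Kerberos source: the toy tag-length-value format and the names `decode_time_field` and `handle_request` are assumptions made for the example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed toy format, not Kerberos ASN.1: [tag 0x18][len][len bytes of text]. */
enum { DEC_OK = 0, DEC_BAD_TAG = -1, DEC_TRUNCATED = -2, DEC_NOMEM = -3 };

/* Hardened decoder (hypothetical name): the output pointer gets a defined
 * value before any check can fail, so every error path leaves it NULL. */
int decode_time_field(const uint8_t *buf, size_t buflen, char **out)
{
    *out = NULL;                  /* the fix: never leave *out indeterminate */
    if (buflen < 2)
        return DEC_TRUNCATED;
    if (buf[0] != 0x18)
        return DEC_BAD_TAG;
    size_t len = buf[1];
    if (len > buflen - 2)         /* declared length exceeds the bytes received */
        return DEC_TRUNCATED;
    char *s = malloc(len + 1);
    if (s == NULL)
        return DEC_NOMEM;
    memcpy(s, buf + 2, len);
    s[len] = '\0';
    *out = s;                     /* ownership passes to the caller only on success */
    return DEC_OK;
}

/* Caller with a single cleanup path (hypothetical name). The vulnerable shape
 * is `char *t;` with no initializer plus a decoder that returns early without
 * writing *out: free(t) then releases whatever value was left on the stack. */
int handle_request(const uint8_t *buf, size_t buflen, size_t *text_len)
{
    char *t = NULL;               /* defence in depth: initialize at declaration */
    int rc = decode_time_field(buf, buflen, &t);
    if (rc == DEC_OK)
        *text_len = strlen(t);
    free(t);                      /* free(NULL) is a no-op, so error paths are safe */
    return rc;
}
```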

Check Point provides defenses for this vulnerability by detecting and blocking malformed RPC requests. These defenses are available to SmartDefense Services (as updates to SmartDefense) and IPS Software Blade customers. For more information, see CPAI-2009-096.