// For flags

CVE-2008-0948

krb5: incorrect handling of high-numbered file descriptors in RPC library

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering a large number of open file descriptors.

Un desbordamiento de búfer en la biblioteca RPC (lib/rpc/rpc_dtablesize.c) utilizada por libgssrpc y kadmind en MIT Kerberos 5 (krb5) versión 1.2.2, y probablemente otras versiones anteriores a 1.3, cuando se ejecuta en sistemas cuyo unistd.h no define la macro FD_SETSIZE, lo que permite a los atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario mediante la activación de un gran número de descriptores de archivos abiertos.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-02-25 CVE Reserved
  • 2008-03-19 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (27)
URL Tag Source
http://secunia.com/advisories/29423 Third Party Advisory
http://secunia.com/advisories/29424 Third Party Advisory
http://secunia.com/advisories/29663 Third Party Advisory
http://secunia.com/advisories/30535 Third Party Advisory
http://securityreason.com/securityalert/3752 Third Party Advisory
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022520.html X_refsource_confirm
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022542.html X_refsource_confirm
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt X_refsource_confirm
http://www.kb.cert.org/vuls/id/374121 Third Party Advisory
http://www.securityfocus.com/archive/1/489762/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/489784/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/493080/100/0/threaded Mailing List
http://www.securityfocus.com/bid/28302 Vdb Entry
http://www.securitytracker.com/id?1019631 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA08-079B.html Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0009.html X_refsource_confirm
http://www.vupen.com/english/advisories/2008/0922/references Vdb Entry
http://www.vupen.com/english/advisories/2008/1102/references Vdb Entry
http://www.vupen.com/english/advisories/2008/1744 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/41274 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9209 Signature
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html 2020-01-21
http://marc.info/?l=bugtraq&m=130497213107107&w=2 2020-01-21
http://secunia.com/advisories/29428 2020-01-21
http://www.redhat.com/support/errata/RHSA-2008-0181.html 2020-01-21
https://access.redhat.com/security/cve/CVE-2008-0948 2008-03-18
https://bugzilla.redhat.com/show_bug.cgi?id=435087 2008-03-18
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.2.2
Search vendor "Mit" for product "Kerberos 5" and version "1.2.2"
-
Affected