{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<p>Kerberos krb5.</p>","content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s affectent Kerberos :\n\n-   une erreur dans le d\u00e9codeur ASN.1 permet \u00e0 un utilisateur\n    malveillant de provoquer un d\u00e9ni de service \u00e0 distance ;\n-   plusieurs vuln\u00e9rabilit\u00e9s dans l'un des m\u00e9canismes de l'interface\n    GSS-API permettent \u00e0 un utilisateur malveillant de provoquer un d\u00e9ni\n    de service \u00e0 distance et permettraient de lire des portions de\n    m\u00e9moire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-0846","url":"https://www.cve.org/CVERecord?id=CVE-2009-0846"},{"name":"CVE-2009-0847","url":"https://www.cve.org/CVERecord?id=CVE-2009-0847"},{"name":"CVE-2009-0844","url":"https://www.cve.org/CVERecord?id=CVE-2009-0844"},{"name":"CVE-2009-0845","url":"https://www.cve.org/CVERecord?id=CVE-2009-0845"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Fedora FEDORA-2009-2852 du 18 mars    2009 :","url":"http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2009:0410-1 du 07 avril    2009 :","url":"http://rhn.redhat.com/errata/RHSA-2009-0410.html"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2009:0409-1 du 07 avril    2009 :","url":"http://rhn.redhat.com/errata/RHSA-2009-0409.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Fedora FEDORA-2009-2834 du 18 mars    2009 :","url":"http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Suse SUSE-SA:2009:019 du 08 avril 2009    :","url":"http://lists.opensuse.org/opensuse-security-announce/2009-04/00005.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA 1766 du 09 avril 2009 :","url":"http://www.debian.org/security/2009/dsa-1766"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2009:0408-1 du 07 avril    2009 :","url":"http://rhn.redhat.com/errata/RHSA-2009-0408.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun 256728 du 19 juin 2009 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-256728-1"},{"title":"Bulletins de s\u00e9curit\u00e9 du projet Kerberos du 07 avril 2009 :","url":"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt"},{"title":"Bulletins de s\u00e9curit\u00e9 Novell NKDC 20090409 du 14 avril 2009    :","url":"http://support.novell.com/docs/Readmes/InfoDocument/patchbuilber/readme_5047180.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu USN-755-1 du 08 avril 2009 :","url":"http://lists.ubuntu.com/archives/ubuntu-security-announce/2009-April/000881.html"},{"title":"Bulletins de s\u00e9curit\u00e9 du projet Kerberos du 07 avril 2009 :","url":"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt"},{"title":"Bulletins de s\u00e9curit\u00e9 Novell NKDC 20090409 du 14 avril 2009    :","url":"http://support.novell.com/docs/Readmes/InfoDocument/patchbuilber/readme_5047181.html"}],"reference":"CERTA-2009-AVI-133","revisions":[{"description":"version initiale.","revision_date":"2009-04-09T00:00:00.000000"},{"description":"ajout des bulletins Novell.","revision_date":"2009-04-17T00:00:00.000000"},{"description":"ajout du bulletin Sun.","revision_date":"2009-06-22T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s affectent Kerberos. Elles permettent de\nr\u00e9aliser un d\u00e9ni de service \u00e0 distance ou une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n","title":"Vuln\u00e9rabilit\u00e9s dans Kerberos","vendor_advisories":[]}