User: Password:
|
|
Subscribe / Log in / New account

krb5: denial of service

Package(s):mit-krb5 CVE #(s):CVE-2011-0283 CVE-2011-4151
Created:January 24, 2012 Updated:January 25, 2012
Description: From the CVE entries:

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request packet that does not trigger a response packet. (CVE-2011-0283)

The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different vulnerability than CVE-2011-1528. (CVE-2011-4151)

Alerts:
Gentoo 201201-13 mit-krb5 2012-01-23

(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds