User: Password:
Subscribe / Log in / New account

krb5: multiple vulnerabilities

Package(s):krb5 CVE #(s):CVE-2011-1527 CVE-2011-1528 CVE-2011-1529
Created:October 19, 2011 Updated:January 5, 2012
Description: From the Red Hat advisory:

Multiple NULL pointer dereference and assertion failure flaws were found in the MIT Kerberos KDC when it was configured to use an LDAP (Lightweight Directory Access Protocol) or Berkeley Database (Berkeley DB) back end. A remote attacker could use these flaws to crash the KDC. (CVE-2011-1527, CVE-2011-1528, CVE-2011-1529)

Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2011-1527 issue. Upstream acknowledges Andrej Ota as the original reporter of CVE-2011-1527.

Gentoo 201201-13 mit-krb5 2012-01-23
Debian DSA-2379-1 krb5 2012-01-04
Fedora FEDORA-2011-14673 krb5 2011-10-20
Fedora FEDORA-2011-14650 krb5 2011-10-20
openSUSE openSUSE-SU-2011:1169-1 krb5 2011-10-24
Mandriva MDVSA-2011:160 krb5 2011-10-22
Mandriva MDVSA-2011:159 krb5 2011-10-22
Ubuntu USN-1233-1 krb5 2011-10-18
Scientific Linux SL-krb5-20111018 krb5 2011-10-18
Red Hat RHSA-2011:1379-01 krb5 2011-10-18

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds