Описание
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
Ссылки
- ExploitPatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- ExploitPatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*
cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01332
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
около 25 лет назад
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
github
около 3 лет назад
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
EPSS
Процентиль: 79%
0.01332
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other