Описание
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
Отчет
This issue did not affect the versions of krb5 as shipped with Red Hat Enterprise Linux 3 or 4 as they did not include support for the LDAP backend.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 3 | krb5 | Not affected | ||
| Red Hat Enterprise Linux 4 | krb5 | Not affected | ||
| Red Hat Enterprise Linux 5 | krb5 | Fixed | RHSA-2011:0199 | 08.02.2011 |
| Red Hat Enterprise Linux 6 | krb5 | Fixed | RHSA-2011:0200 | 08.02.2011 |
Показывать по
Дополнительная информация
Статус:
5 Medium
CVSS2
Связанные уязвимости
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x t ...
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
5 Medium
CVSS2