Уязвимость CVE-2012-1015

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	krb5	Not affected
Red Hat Enterprise Linux 6	krb5	Fixed	RHSA-2012:1131	31.07.2012

CVE-2012-1015

ubuntu

около 13 лет назад

The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.

CVE-2012-1015

nvd

около 13 лет назад

The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.

CVE-2012-1015

debian

около 13 лет назад

The kdc_handle_protected_negotiation function in the Key Distribution ...

GHSA-phxm-4gpx-94fr

github

больше 3 лет назад

The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.

ELSA-2012-1131

oracle-oval

около 13 лет назад

ELSA-2012-1131: krb5 security update (IMPORTANT)

exploitDog

CVE-2012-1015

Описание

Отчет

Затронутые пакеты

Ссылки на источники

Дополнительная информация

Связанные уязвимости