Описание
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | no LDAP backend |
| devel | not-affected | 1.8.3+dfsg-5ubuntu2 |
| hardy | released | 1.6.dfsg.3~beta1-2ubuntu1.8 |
| karmic | released | 1.7dfsg~beta3-1ubuntu0.9 |
| lucid | released | 1.8.1+dfsg-2ubuntu0.6 |
| maverick | released | 1.8.1+dfsg-5ubuntu0.4 |
| upstream | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
The unparse implementation in the Key Distribution Center (KDC) in MIT ...
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
EPSS
5 Medium
CVSS2