Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-1527

Опубликовано: 20 окт. 2011
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.8

Описание

The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions.

РелизСтатусПримечание
devel

not-affected

1.9.1+dfsg-1ubuntu2.1
hardy

not-affected

lucid

not-affected

maverick

not-affected

natty

not-affected

oneiric

released

1.9.1+dfsg-1ubuntu1.1
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%
0.03837
Низкий

7.8 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2011-1527

redhat
больше 13 лет назад

The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions.

nvd логотип

CVE-2011-1527

nvd
больше 13 лет назад

The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions.

debian логотип

CVE-2011-1527

debian
больше 13 лет назад

The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerber ...

github логотип

GHSA-848m-2rw5-f2f2

github
около 3 лет назад

The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions.

oracle-oval логотип

ELSA-2011-1379

oracle-oval
больше 13 лет назад

ELSA-2011-1379: krb5 security update (MODERATE)

EPSS

Процентиль: 88%
0.03837
Низкий

7.8 High

CVSS2

Уязвимость CVE-2011-1527