Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-8629

Опубликовано: 13 фев. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 5.3

Описание

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

РелизСтатусПримечание
artful

not-affected

1.14.3+dfsg-2ubuntu1
bionic

not-affected

1.14.3+dfsg-2ubuntu1
cosmic

not-affected

1.14.3+dfsg-2ubuntu1
devel

not-affected

1.14.3+dfsg-2ubuntu1
disco

not-affected

1.14.3+dfsg-2ubuntu1
eoan

not-affected

1.14.3+dfsg-2ubuntu1
esm-infra-legacy/trusty

released

1.12+dfsg-2ubuntu5.4
esm-infra/bionic

not-affected

1.14.3+dfsg-2ubuntu1
esm-infra/focal

not-affected

1.14.3+dfsg-2ubuntu1
esm-infra/xenial

not-affected

1.13.2+dfsg-5

Показывать по

Ссылки на источники

EPSS

Процентиль: 71%
0.00681
Низкий

2.1 Low

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2015-8629

redhat
больше 9 лет назад

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

nvd логотип

CVE-2015-8629

CVSS3: 5.3
nvd
больше 9 лет назад

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

debian логотип

CVE-2015-8629

CVSS3: 5.3
debian
больше 9 лет назад

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in ...

github логотип

GHSA-2xvp-5pfr-cwhc

CVSS3: 5.3
github
больше 3 лет назад

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

suse-cvrf логотип

SUSE-SU-2016:0430-1

suse-cvrf
больше 9 лет назад

Security update for krb5

EPSS

Процентиль: 71%
0.00681
Низкий

2.1 Low

CVSS2

5.3 Medium

CVSS3