Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-5710

Опубликовано: 16 янв. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4
CVSS3: 6.5

Описание

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

1.16-2ubuntu0.1
cosmic

ignored

end of life
devel

not-affected

1.19.2-2
disco

not-affected

1.16.1-1
eoan

not-affected

1.16.1-1
esm-infra-legacy/trusty

released

1.12+dfsg-2ubuntu5.4
esm-infra/bionic

released

1.16-2ubuntu0.1
esm-infra/focal

not-affected

1.17-6ubuntu4
esm-infra/xenial

released

1.13.2+dfsg-5ubuntu2.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 68%
0.00563
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-5710

CVSS3: 6.5
redhat
около 8 лет назад

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.

nvd логотип

CVE-2018-5710

CVSS3: 6.5
nvd
около 8 лет назад

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.

debian логотип

CVE-2018-5710

CVSS3: 6.5
debian
около 8 лет назад

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ...

github логотип

GHSA-6wfw-m2q3-x7rq

CVSS3: 6.5
github
больше 3 лет назад

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.

EPSS

Процентиль: 68%
0.00563
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3