MIT Kerberos : Security vulnerabilities, CVEs Denial of service published in 2011

Copy

CVE-2011-0282

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.

Max CVSS

5.0

EPSS Score

14.63%

Published

2011-02-10

Updated

2020-01-21

CVE-2011-0281

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.

Max CVSS

5.0

EPSS Score

2.85%

Published

2011-02-10

Updated

2020-01-21

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!