Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-5353
HistoryDec 16, 2014 - 11:59 p.m.

CVE-2014-5353

2014-12-1623:59:00
CWE-476
[email protected]
web.nvd.nist.gov
47
cve-2014-5353
mit kerberos 5
krb5
ldap
denial of service
nvd

6.3 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.7%

JSON

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.

Related

nessus 22
securityvulns 2
openvas 15
ubuntucve 1
veracode 2
prion 1
fedora 4
mageia 1
debiancve 1
altlinux 3
freebsd 3
oraclelinux 2
amazon 1
centos 2
redhat 2
ibm 5
archlinux 1
osv 1
debian 1
ubuntu 1
nessus
nessus
Mandriva Linux Security Advisory : krb5 (MDVSA-2015:009)
2015-01-09 00:00:00
Fedora 22 : krb5-1.13.1-2.fc22 (2015-5949)
2015-04-23 00:00:00
FreeBSD : krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092 (3a888a1e-b321-11e4-83b2-206a8a720317)
2015-02-13 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:009 ] krb5
2015-01-13 00:00:00
MIT Kerberos 5 DoS
2015-01-13 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0536)
2022-01-28 00:00:00
Fedora Update for krb5 FEDORA-2015-5949
2015-07-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1282-1)
2021-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2014-5353
2014-12-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-08-13 03:20:21
Arbitrary Code Execution
2019-05-02 05:13:02
prion
prion
Design/Logic Flaw
2014-12-16 23:59:00
fedora
fedora
[SECURITY] Fedora 22 Update: krb5-1.13.1-2.fc22
2015-04-22 22:50:11
[SECURITY] Fedora 21 Update: krb5-1.12.2-14.fc21
2015-03-12 16:33:54
[SECURITY] Fedora 21 Update: krb5-1.12.2-17.fc21
2015-06-21 00:28:50
mageia
mageia
Updated krb5 packages fix CVE-2014-5353
2014-12-19 18:06:35
debiancve
debiancve
CVE-2014-5353
2014-12-16 23:59:00
altlinux
altlinux
Security fix for the ALT Linux 8 package krb5 version 1.13-alt2
2014-12-23 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.13-alt2
2014-12-23 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13-alt2
2014-12-23 00:00:00
freebsd
freebsd
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-12 00:00:00
krb5 1.12 -- New release/fix multiple vulnerabilities
2015-02-20 00:00:00
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
oraclelinux
oraclelinux
krb5 security update
2015-04-09 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
amazon
amazon
Medium: krb5
2015-05-05 15:44:00
centos
centos
krb5 security update
2015-04-09 11:47:52
krb5 security update
2015-03-17 13:28:30
redhat
redhat
(RHSA-2015:0794) Moderate: krb5 security update
2015-04-09 00:00:00
(RHSA-2015:0439) Moderate: krb5 security, bug fix and enhancement update
2015-03-05 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, and CVE-2014-9422)
2018-06-16 21:25:59
Security Bulletin: Multiple vulnerabilities in unzip, krb5, tomcat, affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
2018-06-17 22:30:13
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by multiple vulnerabilities in GNU C Library (glibc), krb5 and php
2020-11-02 20:22:51
archlinux
archlinux
krb5: multiple issues
2015-02-17 00:00:00
osv
osv
krb5 - security update
2018-01-31 00:00:00
debian
debian
[SECURITY] [DLA 1265-1] krb5 security update
2018-01-31 17:06:55
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00

6.3 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.7%

JSON
Related for CVE-2014-5353
nessus22securityvulns2openvas15ubuntucve1veracode2prion1fedora4mageia1debiancve1altlinux3freebsd3oraclelinux2amazon1centos2redhat2ibm5archlinux1osv1debian1ubuntu1