5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.008 Low
EPSS
Percentile
81.9%
Package : krb5
Version : 1.8.3+dfsg-4squeeze9
CVE ID : CVE-2014-5352 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423
Multiples vulnerabilities have been found in krb5, the MIT
implementation of Kerberos:
CVE-2014-5352
Incorrect memory management in the libgssapi_krb5 library might
result in denial of service or the execution of arbitrary code.
CVE-2014-9421
Incorrect memory management in kadmind's processing of XDR data
might result in denial of service or the execution of arbitrary code.
CVE-2014-9422
Incorrect processing of two-component server principals might result
in impersonation attacks.
CVE-2014-9423
An information leak in the libgssrpc library.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | ia64 | libk5crypto3 | < 1.10.1+dfsg-5+deb7u3 | libk5crypto3_1.10.1+dfsg-5+deb7u3_ia64.deb |
Debian | 6 | i386 | libgssapi-krb5-2 | < 1.8.3+dfsg-4squeeze9 | libgssapi-krb5-2_1.8.3+dfsg-4squeeze9_i386.deb |
Debian | 7 | kfreebsd-i386 | krb5-kdc | < 1.10.1+dfsg-5+deb7u3 | krb5-kdc_1.10.1+dfsg-5+deb7u3_kfreebsd-i386.deb |
Debian | 7 | s390 | libkadm5clnt-mit8 | < 1.10.1+dfsg-5+deb7u3 | libkadm5clnt-mit8_1.10.1+dfsg-5+deb7u3_s390.deb |
Debian | 7 | armhf | krb5-multidev | < 1.10.1+dfsg-5+deb7u3 | krb5-multidev_1.10.1+dfsg-5+deb7u3_armhf.deb |
Debian | 7 | mips | krb5-kdc | < 1.10.1+dfsg-5+deb7u3 | krb5-kdc_1.10.1+dfsg-5+deb7u3_mips.deb |
Debian | 7 | armel | krb5-pkinit | < 1.10.1+dfsg-5+deb7u3 | krb5-pkinit_1.10.1+dfsg-5+deb7u3_armel.deb |
Debian | 7 | ia64 | krb5-kdc | < 1.10.1+dfsg-5+deb7u3 | krb5-kdc_1.10.1+dfsg-5+deb7u3_ia64.deb |
Debian | 6 | amd64 | libgssapi-krb5-2 | < 1.8.3+dfsg-4squeeze9 | libgssapi-krb5-2_1.8.3+dfsg-4squeeze9_amd64.deb |
Debian | 7 | powerpc | krb5-pkinit | < 1.10.1+dfsg-5+deb7u3 | krb5-pkinit_1.10.1+dfsg-5+deb7u3_powerpc.deb |