Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-1014HistoryAug 06, 2012 - 4:55 p.m.
CVE-2012-1014
2012-08-0616:55:00
Debian Security Bug Tracker
security-tracker.debian.org
10
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:P/A:C
0.06 Low
EPSS
Percentile
93.4%
The process_as_req function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x before 1.10.3 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a malformed AS-REQ request.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | < 1.10.1+dfsg-2 | krb5_1.10.1+dfsg-2_all.deb |
| Debian | 11 | all | krb5 | < 1.10.1+dfsg-2 | krb5_1.10.1+dfsg-2_all.deb |
| Debian | 10 | all | krb5 | < 1.10.1+dfsg-2 | krb5_1.10.1+dfsg-2_all.deb |
| Debian | 999 | all | krb5 | < 1.10.1+dfsg-2 | krb5_1.10.1+dfsg-2_all.deb |
| Debian | 13 | all | krb5 | < 1.10.1+dfsg-2 | krb5_1.10.1+dfsg-2_all.deb |
Related
prion
prion
Cross site request forgery (csrf)
2012-08-06 16:55:00
cve
cve
CVE-2012-1014
2012-08-06 16:55:00
ubuntucve
ubuntucve
CVE-2012-1014
2012-07-31 00:00:00
securityvulns
securityvulns
MIT Kerberos 5 security vulnerabilities
2012-08-06 00:00:00
openvas
openvas
Debian Security Advisory DSA 2518-1 (krb5)
2012-08-10 00:00:00
Debian: Security Advisory (DSA-2518-1)
2012-08-10 00:00:00
Fedora Update for krb5 FEDORA-2012-11388
2012-08-30 00:00:00
nessus
nessus
Fedora 17 : krb5-1.10.2-6.fc17 (2012-11388)
2012-08-06 00:00:00
openSUSE Security Update : krb5 (openSUSE-SU-2012:0967-1)
2014-06-13 00:00:00
Debian DSA-2518-1 : krb5 - denial of service and remote code execution
2012-08-01 00:00:00
debian
debian
[SECURITY] [DSA 2518-1] krb5 security update
2012-07-31 19:56:05
osv
osv
krb5 - denial of service
2012-07-31 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: krb5-1.10.2-6.fc17
2012-08-05 21:22:40
ubuntu
ubuntu
Kerberos vulnerabilities
2012-07-31 00:00:00
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2013-12-16 00:00:00
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:P/A:C
0.06 Low
EPSS
Percentile
93.4%
Related for DEBIANCVE:CVE-2012-1014