Lucene search

FreeBSD7EDAC52A-66CD-11E0-9398-5D45F3AA24F0

HistoryMar 15, 2011 - 12:00 a.m.

krb5 -- MITKRB5-SA-2011-003, KDC vulnerable to double-free when PKINIT enabled

2011-03-1500:00:00

vuxml.freebsd.org

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.356 Low

EPSS

Percentile

97.2%

JSON

An advisory published by the MIT Kerberos team says:

The MIT Kerberos 5 Key Distribution Center (KDC) daemon is
vulnerable to a double-free condition if the Public Key
Cryptography for Initial Authentication (PKINIT) capability is
enabled, resulting in daemon crash or arbitrary code execution
(which is believed to be difficult).
An unauthenticated remote attacker can induce a double-free
event, causing the KDC daemon to crash (denial of service),
or to execute arbitrary code. Exploiting a double-free event
to execute arbitrary code is believed to be difficult.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchkrb5= 1.7UNKNOWN
FreeBSDanynoarchkrb5< 1.7.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	krb5	= 1.7	UNKNOWN
FreeBSD	any	noarch	krb5	< 1.7.2	UNKNOWN

References

web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.356 Low

EPSS

Percentile

97.2%

JSON

Related for 7EDAC52A-66CD-11E0-9398-5D45F3AA24F0