krb5 -- remote denial of service vulnerability

2010-04-06T00:00:00
ID A30573DC-4893-11DF-A5F9-001641AEABDF
Type freebsd
Reporter FreeBSD
Modified 2010-04-06T00:00:00

Description

An authenticated remote attacker can causing a denial of service by using a newer version of the kadmin protocol than the server supports. The MIT Kerberos team also reports the cause:

The Kerberos administration daemon (kadmind) can crash due to referencing freed memory.