Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2012-1015
HistoryAug 06, 2012 - 4:55 p.m.

CVE-2012-1015

2012-08-0616:55:01
CWE-20
[email protected]
web.nvd.nist.gov
10

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.134

Percentile

95.6%

JSON

The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.

Affected configurations

Nvd
Node
mitkerberos_5Match1.8
OR
mitkerberos_5Match1.8.1
OR
mitkerberos_5Match1.8.2
OR
mitkerberos_5Match1.8.3
OR
mitkerberos_5Match1.8.4
OR
mitkerberos_5Match1.8.5
OR
mitkerberos_5Match1.8.6
Node
mitkerberos_5Match1.9.4
Node
mitkerberos_5Match1.10
OR
mitkerberos_5Match1.10.1
OR
mitkerberos_5Match1.10.2

Related

altlinux 3
ubuntucve 1
cve 1
prion 1
nessus 14
debiancve 1
openvas 23
cvelist 1
securityvulns 2
veracode 1
debian 1
amazon 1
redhat 2
oraclelinux 1
centos 1
osv 1
fedora 5
ubuntu 1
gentoo 1
altlinux
altlinux
Security fix for the ALT Linux 9 package krb5 version 1.10.2-alt2
2012-08-07 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.10.2-alt2
2012-08-07 00:00:00
Security fix for the ALT Linux 8 package krb5 version 1.10.2-alt2
2012-08-07 00:00:00
ubuntucve
ubuntucve
CVE-2012-1015
2012-07-31 00:00:00
cve
cve
CVE-2012-1015
2012-08-06 16:55:01
prion
prion
Design/Logic Flaw
2012-08-06 16:55:00
nessus
nessus
Mandriva Linux Security Advisory : krb5 (MDVSA-2012:120)
2012-09-06 00:00:00
Fedora 16 : krb5-1.9.4-3.fc16 (2012-11370)
2012-08-10 00:00:00
Scientific Linux Security Update : krb5 on SL6.x i386/x86_64 (20120731)
2012-08-03 00:00:00
debiancve
debiancve
CVE-2012-1015
2012-08-06 16:55:01
openvas
openvas
Mandriva Update for krb5 MDVSA-2012:120 (krb5)
2012-08-03 00:00:00
Mandriva Update for krb5 MDVSA-2012:120 (krb5)
2012-08-03 00:00:00
Debian: Security Advisory (DSA-2518-1)
2012-08-10 00:00:00
cvelist
cvelist
CVE-2012-1015
2012-08-06 16:00:00
securityvulns
securityvulns
MIT Kerberos 5 security vulnerabilities
2012-08-06 00:00:00
MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015]
2012-08-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:42:39
debian
debian
[SECURITY] [DSA 2518-1] krb5 security update
2012-07-31 19:56:05
amazon
amazon
Important: krb5
2012-08-03 15:55:00
redhat
redhat
(RHSA-2012:1131) Important: krb5 security update
2012-07-31 00:00:00
(RHSA-2012:1200) Moderate: rhev-hypervisor6 security and bug fix update
2012-08-23 00:00:00
oraclelinux
oraclelinux
krb5 security update
2012-07-31 00:00:00
centos
centos
krb5 security update
2012-07-31 23:18:36
osv
osv
krb5 - denial of service
2012-07-31 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: krb5-1.10.2-6.fc17
2012-08-05 21:22:40
[SECURITY] Fedora 16 Update: krb5-1.9.4-3.fc16
2012-08-09 23:10:41
[SECURITY] Fedora 17 Update: krb5-1.10.2-9.fc17
2013-03-16 01:31:43
ubuntu
ubuntu
Kerberos vulnerabilities
2012-07-31 00:00:00
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2013-12-16 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.134

Percentile

95.6%

JSON
Related for NVD:CVE-2012-1015
altlinux3ubuntucve1cve1prion1nessus14debiancve1openvas23cvelist1securityvulns2veracode1debian1amazon1redhat2oraclelinux1centos1osv1fedora5ubuntu1gentoo1