CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
97.2%
Cameron Meadors discovered that the MIT Kerberos 5 Key Distribution
Center (KDC) daemon is vulnerable to a double-free condition if
the Public Key Cryptography for Initial Authentication (PKINIT)
capability is enabled. This could allow a remote attacker to cause
a denial of service.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.10 | noarch | krb5-kdc | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | krb5-admin-server | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | krb5-clients | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | krb5-ftpd | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | krb5-kdc-ldap | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | krb5-pkinit | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | krb5-rsh-server | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | krb5-telnetd | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | krb5-user | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |
Ubuntu | 9.10 | noarch | libgssapi-krb5-2 | < 1.7dfsg~beta3-1ubuntu0.12 | UNKNOWN |