Lucene search
PRIOn knowledge basePRION:CVE-2016-3119HistoryMar 26, 2016 - 1:59 a.m.
Null pointer dereference
2016-03-2601:59:00
PRIOn knowledge base
www.prio-n.com
5
The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.
| CPE | Name | Operator | Version |
|---|---|---|---|
| kerberos_5 | eq | 1.1 | |
| kerberos_5 | eq | 1.2 | |
| kerberos_5 | eq | 1.2.1 | |
| kerberos_5 | eq | 1.2.2 | |
| kerberos_5 | eq | 1.2.3 | |
| kerberos_5 | eq | 1.2.4 | |
| kerberos_5 | eq | 1.2.5 | |
| kerberos_5 | eq | 1.2.6 | |
| kerberos_5 | eq | 1.2.7 | |
| kerberos_5 | eq | 1.2.8 |
References
lists.opensuse.org/opensuse-updates/2016-04/msg00007.html
lists.opensuse.org/opensuse-updates/2016-04/msg00055.html
rhn.redhat.com/errata/RHSA-2016-2591.html
www.securityfocus.com/bid/85392
www.securitytracker.com/id/1035399
github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99
lists.debian.org/debian-lts-announce/2018/01/msg00040.html
Related
cve
cve
CVE-2016-3119
2016-03-26 01:59:05
nessus
nessus
Fedora 24 : krb5-1.14.1-3.fc24 (2016-8dbc4ade25)
2016-03-28 00:00:00
openSUSE Security Update : krb5 (openSUSE-2016-424)
2016-04-05 00:00:00
Fedora 22 : krb5-1.13.2-14.fc22 (2016-ed99cb602e)
2016-04-07 00:00:00
openvas
openvas
Fedora Update for krb5 FEDORA-2016-56840
2016-03-23 00:00:00
Mageia: Security Advisory (MGASA-2016-0123)
2016-03-31 00:00:00
Fedora Update for krb5 FEDORA-2016-8
2016-04-11 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: krb5-1.14.1-3.fc23
2016-03-22 19:54:27
[SECURITY] Fedora 22 Update: krb5-1.13.2-14.fc22
2016-04-05 14:21:44
[SECURITY] Fedora 24 Update: krb5-1.14.1-3.fc24
2016-03-27 00:11:38
debiancve
debiancve
CVE-2016-3119
2016-03-26 01:59:05
mageia
mageia
Updated krb5 packages fix security vulnerability
2016-03-25 09:38:37
cvelist
cvelist
CVE-2016-3119
2016-03-26 01:00:00
ubuntucve
ubuntucve
CVE-2016-3119
2016-03-26 00:00:00
alpinelinux
alpinelinux
CVE-2016-3119
2016-03-26 01:59:05
osv
osv
CVE-2016-3119
2016-03-26 01:59:00
krb5 - security update
2018-01-31 00:00:00
nvd
nvd
CVE-2016-3119
2016-03-26 01:59:05
ibm
ibm
centos
centos
krb5, libkadm5 security update
2016-11-25 15:30:33
amazon
amazon
Low: krb5
2017-02-06 18:00:00
oraclelinux
oraclelinux
krb5 security, bug fix, and enhancement update
2016-11-09 00:00:00
redhat
redhat
(RHSA-2016:2591) Low: krb5 security, bug fix, and enhancement update
2016-11-03 06:07:15
debian
debian
[SECURITY] [DLA 1265-1] krb5 security update
2018-01-31 17:06:34
altlinux
altlinux
Security fix for the ALT Linux 8 package krb5 version 1.14.2-alt1
2016-04-26 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.14.2-alt1
2016-04-25 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13.7-alt0.M70P.1
2017-04-13 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2017-0076
2017-10-06 00:00:00