12 matches found
SUSE CVE-2009-3295
The prepreprocessreq function in kdc/dotgsreq.c in the cross-realm referral implementation in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a ticket request...
SUSE CVE-2013-1417
dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon crash via a TGS-REQ request that triggers an attempted cross-realm referral for a host-bas...
Oracle Solaris Third-Party Patch Update : kerberos (multiple_vulnerabilities_in_kerberos1)
The remote Solaris system is missing necessary patches to address security updates : - dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon cra...
CVE-2013-1417
dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon crash via a TGS-REQ request that triggers an attempted cross-realm referral for a host-bas...
CVE-2013-1417
dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon crash via a TGS-REQ request that triggers an attempted cross-realm referral for a host-bas...
Design/Logic Flaw
dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon crash via a TGS-REQ request that triggers an attempted cross-realm referral for a host-bas...
UBUNTU-CVE-2013-1417
dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon crash via a TGS-REQ request that triggers an attempted cross-realm referral for a host-bas...
MIT Kerberos5 KDC Cross Realm Referral DoS Vulnerability
MIT Kerberos5 is prone to a Denial of Service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mit:kerberos";...
Null pointer dereference
The prepreprocessreq function in kdc/dotgsreq.c in the cross-realm referral implementation in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a ticket request...
CVE-2009-3295
CVE-2009-3295 : In MIT Kerberos 5, the prep_reprocess_req function in kdc/do_tgs_req.c of the cross-realm referral KDC allows remote attackers to trigger a NULL pointer dereference, causing a denial of service (daemon crash). Affected: MIT Kerberos 5 up to version 1.7.x prior to 1.7.1. Root cause...
CVE-2009-3295
The prepreprocessreq function in kdc/dotgsreq.c in the cross-realm referral implementation in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a ticket request...
MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2009-003 MIT krb5 Security Advisory 2009-003 Original release: 2009-12-28 Last update: 2009-12-28 Topic: KDC denial of service in cross-realm referral processing CVE-2009-3295 KDC denial of service in cross-realm referral processing CVSSv2...