MIT Kerberos 5 kadmind KADM5_POLICY Denial of Service (CVE-2015-8630)

A denial-of-service vulnerability exists in the MIT Kerberos 5 kadmind service. The vulnerability is due to a NULL pointer dereference when processing policy value. A remote, authenticated user who has permission to modify a principal entry can exploit this vulnerability by sending maliciously...

USN-924-1: Kerberos vulnerabilities

Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. CVE-2010-0629 It was discovered that Kerberos did not correctly free memory ...