7 matches found
SUSE CVE-2014-4345
Off-by-one error in the krb5encodekrbsecretkey function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service buffer...
SUSE CVE-2014-5351
The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access...
Denial Of Service (DoS)
libkrb5.so is vulnerable to denial of service DoS attacks. The vulnerability exists in the krb5encodekrbsecretkey function of plugins/kdb/ldap/libkdbldap/ldapprincipal2.c where authenticated users can cause DoS attacks through a series of cpw -keepold commands...
Denial Of Service (DoS)
libkrb5.so is vulnerable to denial of service DoS attacks. The vulnerability exists in the krb5encodekrbsecretkey function of plugins/kdb/ldap/libkdbldap/ldapprincipal2.c where authenticated users can cause DoS attacks through a series of cpw -keepold commands...
DEBIAN-CVE-2014-5351
The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access...
UBUNTU-CVE-2014-5351
The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access...
DEBIAN-CVE-2014-4345
Off-by-one error in the krb5encodekrbsecretkey function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service buffer...