Lucene search
Ubuntu.comUB:CVE-2012-1014HistoryJul 31, 2012 - 12:00 a.m.
CVE-2012-1014
2012-07-3100:00:00
ubuntu.com
ubuntu.com
8
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:P/A:C
0.06 Low
EPSS
Percentile
93.4%
The process_as_req function in the Key Distribution Center (KDC) in MIT
Kerberos 5 (aka krb5) 1.10.x before 1.10.3 does not initialize a certain
structure member, which allows remote attackers to cause a denial of
service (uninitialized pointer dereference and daemon crash) or possibly
execute arbitrary code via a malformed AS-REQ request.
Notes
| Author | Note |
|---|---|
| sbeattie | krb5 1.10 and newer code execution potential probably blocked by glibc double-free detection |
Related
prion
prion
Cross site request forgery (csrf)
2012-08-06 16:55:00
debiancve
debiancve
CVE-2012-1014
2012-08-06 16:55:00
cve
cve
CVE-2012-1014
2012-08-06 16:55:00
nessus
nessus
Fedora 17 : krb5-1.10.2-6.fc17 (2012-11388)
2012-08-06 00:00:00
Debian DSA-2518-1 : krb5 - denial of service and remote code execution
2012-08-01 00:00:00
openSUSE Security Update : krb5 (openSUSE-SU-2012:0967-1)
2014-06-13 00:00:00
openvas
openvas
Debian Security Advisory DSA 2518-1 (krb5)
2012-08-10 00:00:00
Debian: Security Advisory (DSA-2518-1)
2012-08-10 00:00:00
Fedora Update for krb5 FEDORA-2012-11388
2012-08-30 00:00:00
securityvulns
securityvulns
MIT Kerberos 5 security vulnerabilities
2012-08-06 00:00:00
debian
debian
[SECURITY] [DSA 2518-1] krb5 security update
2012-07-31 19:56:05
osv
osv
krb5 - denial of service
2012-07-31 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: krb5-1.10.2-6.fc17
2012-08-05 21:22:40
ubuntu
ubuntu
Kerberos vulnerabilities
2012-07-31 00:00:00
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2013-12-16 00:00:00
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:P/A:C
0.06 Low
EPSS
Percentile
93.4%
Related for UB:CVE-2012-1014