Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24163
HistoryApr 10, 2020 - 12:47 a.m.

Denial Of Service (DoS)

2020-04-1000:47:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
denial of service
krb5
vulnerability
null pointer dereference
mit kerberos
gss-api
remote attacker
authenticated
crash
server application
authentication mechanism
checksum field

EPSS

0.014

Percentile

86.9%

krb5 is vulnerable to denial of service (DoS). The vulnerability exists as a NULL pointer dereference flaw was discovered in the MIT Kerberos Generic Security Service Application Program Interface (GSS-API) library. A remote, authenticated attacker could use this flaw to crash any server application using the GSS-API authentication mechanism, by sending a specially-crafted GSS-API token with a missing checksum field.

Affected configurations

Vulners
Node
-krb5Match1.3.4_49.el4_5.1
OR
-krb5Match1.6.1_17.el5_1.1
OR
-krb5Match1.6.1_31.el5_3.3
OR
-krb5Match1.6.1_31.el5
OR
-krb5Match1.3.4_54.el4_6.2
OR
-krb5Match1.6.1_25.el5
OR
-krb5Match1.3.4_60.el4_7.2
OR
-krb5Match1.3.4_54.el4_6.1
OR
-krb5Match1.6.1_25.el5_2.2
OR
-krb5Match1.6.1_25.el5_2.1
OR
-krb5Match1.6.1_17.el5
OR
-krb5Match1.3.4_60.el4
OR
-java-1.6.0-ibmMatch1.6.0.4_1jpp.1.el5
OR
-java-1.6.0-ibmMatch1.6.0.8.1_1jpp.2.el5
OR
-java-1.6.0-ibmMatch1.6.0.4_1jpp.1.el4
VendorProductVersionCPE
-krb51.3.4_49.el4_5.1cpe:2.3:a:-:krb5:1.3.4_49.el4_5.1:*:*:*:*:*:*:*
-krb51.6.1_17.el5_1.1cpe:2.3:a:-:krb5:1.6.1_17.el5_1.1:*:*:*:*:*:*:*
-krb51.6.1_31.el5_3.3cpe:2.3:a:-:krb5:1.6.1_31.el5_3.3:*:*:*:*:*:*:*
-krb51.6.1_31.el5cpe:2.3:a:-:krb5:1.6.1_31.el5:*:*:*:*:*:*:*
-krb51.3.4_54.el4_6.2cpe:2.3:a:-:krb5:1.3.4_54.el4_6.2:*:*:*:*:*:*:*
-krb51.6.1_25.el5cpe:2.3:a:-:krb5:1.6.1_25.el5:*:*:*:*:*:*:*
-krb51.3.4_60.el4_7.2cpe:2.3:a:-:krb5:1.3.4_60.el4_7.2:*:*:*:*:*:*:*
-krb51.3.4_54.el4_6.1cpe:2.3:a:-:krb5:1.3.4_54.el4_6.1:*:*:*:*:*:*:*
-krb51.6.1_25.el5_2.2cpe:2.3:a:-:krb5:1.6.1_25.el5_2.2:*:*:*:*:*:*:*
-krb51.6.1_25.el5_2.1cpe:2.3:a:-:krb5:1.6.1_25.el5_2.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 151

References