MIT Kerberos Key Distribution Center Heap Overflow Vulnerability

Last Update Date: 1 Aug 2012 11:27 Release Date: 1 Aug 2012 4565 Views

RISK: High Risk

High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Two vulnerabilities have been identified in the Kerberos KDC, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system.

  1. By sending a specially crafted AS-REQ, an unauthenticated remote attacker can cause the KDC to abnormally terminate or to execute malicious code.
  2. By sending a malformed AS-REQ, an unauthenticated remote attacker can cause the KDC to abnormally terminate.

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • The KDC in releases krb5-1.8 or later
  • The KDC in releases krb5-1.10 or later

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple Safari for Mac OS X Multiple Vulnerabilities

27 Jul 2012 4476 Views

Next

Citrix Access Gateway Multiple Vulnerabilities

2 Aug 2012 4435 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY