CVE-2011-0281 — Allocation of File Descriptors or Handles Without Limits or Throttling in Kerberos
Severity
5.0 MEDIUM (NVD)
EPSS
10.8%
top 6.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Feb 10
Latest update: May 13
Description
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
CVSS vector
AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9
Affected Packages: 3 packages
Vulnerability Details (3)
GHSA
GHSA-pm35-jvrf-37g2: The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1 | 2022-05-13
CVEList
CVE-2011-0281: The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1 | 2011-02-10
OSV
CVE-2011-0281: The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1 | 2011-02-10