Description: The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
CVSS vector: AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9
Complexity: Low
Confidentiality: None
Integrity: None
Affected Packages: 3 packages
🔴 Vulnerability Details (3)
- GHSA: GHSA-9889-rr58-7c63: The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1 (2022-05-13)
- OSV: CVE-2011-0282: The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1 (2011-02-10)
- CVEList: CVE-2011-0282: The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1 (2011-02-10)
📋 Vendor Advisories (3)
- Ubuntu: Kerberos vulnerabilities (2011-02-15)
- Red Hat: krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002) (2011-02-08)
- Debian: CVE-2011-0282: krb5 - The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9... (2011)
💬 Community (21)
- Bugzilla: CVE-2010-4451 JDK unspecified vulnerability in Install component (2011-02-16)
- Bugzilla: CVE-2010-4447 JDK unspecified vulnerability in Deployment component (2011-02-16)
- Bugzilla: CVE-2010-4422 JDK unspecified vulnerability in Deployment component (2011-02-16)
- Bugzilla: CVE-2010-4462 JDK unspecified vulnerability in Sound component (2011-02-16)
- Bugzilla: CVE-2010-4452 JDK unspecified vulnerability in Deployment component (2011-02-16)