CVE-2011-0283 — Kerberos 5 vulnerability

8 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

1.1%

top 22.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

MIT Kerberos 5

Timeline

PublishedFeb 10

Latest updateMay 13

Description

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request packet that does not trigger a response packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmit/kerberos_51.9

🔴Vulnerability Details

GHSA

GHSA-g47g-hw4g-7x2c: The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1↗2022-05-13

▶

CVEList

CVE-2011-0283: The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1↗2011-02-10

▶

📋Vendor Advisories

Red Hat

krb5: uninitialized pointer use in krb5kdc leads to KDC crash↗2011-02-08

▶

Debian

CVE-2011-0283: krb5 - The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote...↗2011

▶

Red Hat

kernel: possible kernel oops from user MSS↗2010-11-10

▶

💬Community

Bugzilla

CVE-2011-0283 krb5: uninitialized pointer use in krb5kdc leads to KDC crash [fedora-rawhide]↗2011-02-08

▶

Bugzilla

CVE-2011-0283 krb5: uninitialized pointer use in krb5kdc leads to KDC crash↗2011-01-18

▶