CVE-2016-3119 — NULL Pointer Dereference in Kerberos 5

CWE-476 — NULL Pointer Dereference8 documents7 sources

Severity

5.3MEDIUMNVD

EPSS

9.2%

top 7.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

MIT Krb5 MIT Kerberos 5 Opensuse Leap +1 more

Timeline

PublishedMar 26

Latest updateMay 13

Description

The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.6 | Impact: 3.6

Affected Packages4 packages

▶Debianmit/krb5< 1.14.2+dfsg-1+3

▶NVDmit/kerberos_569 versions+68

▶NVDopensuse/leap42.1

▶NVDopensuse/opensuse13.2

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-qq9x-4x4m-294x: The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2↗2022-05-13

▶

CVEList

CVE-2016-3119: The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2↗2016-03-26

▶

OSV

CVE-2016-3119: The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2↗2016-03-26

▶

📋Vendor Advisories

Red Hat

krb5: null pointer dereference in kadmin↗2016-03-14

▶

Debian

CVE-2016-3119: krb5 - The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c i...↗2016

▶

💬Community

Bugzilla

CVE-2016-3119 krb5: null pointer dereference in kadmin [fedora-all]↗2016-03-21

▶

Bugzilla

CVE-2016-3119 krb5: null pointer dereference in kadmin↗2016-03-21

▶