ID |
CVE-2011-0282
|
Summary |
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference' |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
-
cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 21-01-2020 - 15:46) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
redhat
via4
|
advisories | bugzilla | id | 668726 | title | CVE-2011-0282 krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002) |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 5 is installed | oval | oval:com.redhat.rhba:tst:20070331005 |
OR | AND | comment | krb5-devel is earlier than 0:1.6.1-55.el5_6.1 | oval | oval:com.redhat.rhsa:tst:20110199001 |
comment | krb5-devel is signed with Red Hat redhatrelease key | oval | oval:com.redhat.rhsa:tst:20070095011 |
|
AND | comment | krb5-libs is earlier than 0:1.6.1-55.el5_6.1 | oval | oval:com.redhat.rhsa:tst:20110199003 |
comment | krb5-libs is signed with Red Hat redhatrelease key | oval | oval:com.redhat.rhsa:tst:20070095013 |
|
AND | comment | krb5-server is earlier than 0:1.6.1-55.el5_6.1 | oval | oval:com.redhat.rhsa:tst:20110199005 |
comment | krb5-server is signed with Red Hat redhatrelease key | oval | oval:com.redhat.rhsa:tst:20070095015 |
|
AND | comment | krb5-server-ldap is earlier than 0:1.6.1-55.el5_6.1 | oval | oval:com.redhat.rhsa:tst:20110199007 |
comment | krb5-server-ldap is signed with Red Hat redhatrelease key | oval | oval:com.redhat.rhsa:tst:20110199008 |
|
AND | comment | krb5-workstation is earlier than 0:1.6.1-55.el5_6.1 | oval | oval:com.redhat.rhsa:tst:20110199009 |
comment | krb5-workstation is signed with Red Hat redhatrelease key | oval | oval:com.redhat.rhsa:tst:20070095017 |
|
|
|
|
| rhsa | id | RHSA-2011:0199 | released | 2011-02-08 | severity | Important | title | RHSA-2011:0199: krb5 security update (Important) |
|
bugzilla | id | 668726 | title | CVE-2011-0282 krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002) |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | krb5-devel is earlier than 0:1.8.2-3.el6_0.4 | oval | oval:com.redhat.rhsa:tst:20110200001 |
comment | krb5-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599002 |
|
AND | comment | krb5-libs is earlier than 0:1.8.2-3.el6_0.4 | oval | oval:com.redhat.rhsa:tst:20110200003 |
comment | krb5-libs is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599004 |
|
AND | comment | krb5-pkinit-openssl is earlier than 0:1.8.2-3.el6_0.4 | oval | oval:com.redhat.rhsa:tst:20110200005 |
comment | krb5-pkinit-openssl is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20100863006 |
|
AND | comment | krb5-server is earlier than 0:1.8.2-3.el6_0.4 | oval | oval:com.redhat.rhsa:tst:20110200007 |
comment | krb5-server is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599008 |
|
AND | comment | krb5-server-ldap is earlier than 0:1.8.2-3.el6_0.4 | oval | oval:com.redhat.rhsa:tst:20110200009 |
comment | krb5-server-ldap is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599010 |
|
AND | comment | krb5-workstation is earlier than 0:1.8.2-3.el6_0.4 | oval | oval:com.redhat.rhsa:tst:20110200011 |
comment | krb5-workstation is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20192599012 |
|
|
|
|
| rhsa | id | RHSA-2011:0200 | released | 2011-02-08 | severity | Important | title | RHSA-2011:0200: krb5 security update (Important) |
|
| rpms | - krb5-debuginfo-0:1.6.1-55.el5_6.1
- krb5-devel-0:1.6.1-55.el5_6.1
- krb5-libs-0:1.6.1-55.el5_6.1
- krb5-server-0:1.6.1-55.el5_6.1
- krb5-server-ldap-0:1.6.1-55.el5_6.1
- krb5-workstation-0:1.6.1-55.el5_6.1
- krb5-debuginfo-0:1.8.2-3.el6_0.4
- krb5-devel-0:1.8.2-3.el6_0.4
- krb5-libs-0:1.8.2-3.el6_0.4
- krb5-pkinit-openssl-0:1.8.2-3.el6_0.4
- krb5-server-0:1.8.2-3.el6_0.4
- krb5-server-ldap-0:1.8.2-3.el6_0.4
- krb5-workstation-0:1.8.2-3.el6_0.4
|
|
refmap
via4
|
bid | 46271 | bugtraq | - 20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
- 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
| confirm | | mandriva | - MDVSA-2011:024
- MDVSA-2011:025
| sectrack | 1025037 | secunia | | sreason | 8073 | suse | SUSE-SR:2011:004 | vupen | - ADV-2011-0330
- ADV-2011-0333
- ADV-2011-0347
- ADV-2011-0464
| xf | kerberos-ldap-dos(65323) |
|
Last major update |
21-01-2020 - 15:46 |
Published |
10-02-2011 - 18:00 |
Last modified |
21-01-2020 - 15:46 |