- Home
- CVEs with nessus.description==Updated krb5 package fixes security vulnerabilities :
MIT Kerberos 5 allows attackers to cause a denial of service via a buffer over-read or NULL pointer dereference, by injecting invalid tokens into a GSSAPI application session (CVE-2014-4341, CVE-2014-4342).
MIT Kerberos 5 allows attackers to cause a denial of service via a double-free flaw or NULL pointer dereference, while processing invalid SPNEGO tokens (CVE-2014-4344).
In MIT Kerberos 5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow) (CVE-2014-4345).
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top