CVE-2011-0283 - The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote attackers to cause

CVE-2011-0283

Summary

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request packet that does not trigger a response packet. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

References

Vulnerable Configurations

cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 21-01-2020 - 15:46)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	46272
bugtraq	20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
confirm	http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt
sectrack	1025037
secunia	43260
sreason	8073
vupen	ADV-2011-0330

Last major update

21-01-2020 - 15:46

Published

10-02-2011 - 18:00

Last modified

21-01-2020 - 15:46