1. CVE-Search
  2. CVE-2015-8631
ID CVE-2015-8631
Summary Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name.
References
Vulnerable Configurations
  • cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:-:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:patch_level1:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:patch_level1:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:patch_level2:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:patch_level2:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:patch_level3:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:patch_level3:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2:-:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2:-:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3:-:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3:-:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.10.7:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.11.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.14:-:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.14:-:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.14.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
    cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
  • cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
    cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 02-02-2021 - 19:15)
Impact:
Exploitability:
CWE CWE-772
CAPEC
  • HTTP DoS
    An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial of service attack requires substantially fewer packets to be sent which makes DoS harder to detect. This is an equivalent of SYN flood in HTTP. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server will wait to attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 1302642
    title CVE-2015-8631 krb5: Memory leak caused by supplying a null principal name in request
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment krb5-devel is earlier than 0:1.10.3-42z1.el6_7
            oval oval:com.redhat.rhsa:tst:20160493001
          • comment krb5-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599002
        • AND
          • comment krb5-libs is earlier than 0:1.10.3-42z1.el6_7
            oval oval:com.redhat.rhsa:tst:20160493003
          • comment krb5-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599004
        • AND
          • comment krb5-pkinit-openssl is earlier than 0:1.10.3-42z1.el6_7
            oval oval:com.redhat.rhsa:tst:20160493005
          • comment krb5-pkinit-openssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100863006
        • AND
          • comment krb5-server is earlier than 0:1.10.3-42z1.el6_7
            oval oval:com.redhat.rhsa:tst:20160493007
          • comment krb5-server is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599008
        • AND
          • comment krb5-server-ldap is earlier than 0:1.10.3-42z1.el6_7
            oval oval:com.redhat.rhsa:tst:20160493009
          • comment krb5-server-ldap is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599010
        • AND
          • comment krb5-workstation is earlier than 0:1.10.3-42z1.el6_7
            oval oval:com.redhat.rhsa:tst:20160493011
          • comment krb5-workstation is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599012
    rhsa
    id RHSA-2016:0493
    released 2016-03-22
    severity Moderate
    title RHSA-2016:0493: krb5 security update (Moderate)
  • bugzilla
    id 1302642
    title CVE-2015-8631 krb5: Memory leak caused by supplying a null principal name in request
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment krb5-devel is earlier than 0:1.13.2-12.el7_2
            oval oval:com.redhat.rhsa:tst:20160532001
          • comment krb5-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599002
        • AND
          • comment krb5-libs is earlier than 0:1.13.2-12.el7_2
            oval oval:com.redhat.rhsa:tst:20160532003
          • comment krb5-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599004
        • AND
          • comment krb5-pkinit is earlier than 0:1.13.2-12.el7_2
            oval oval:com.redhat.rhsa:tst:20160532005
          • comment krb5-pkinit is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599006
        • AND
          • comment krb5-server is earlier than 0:1.13.2-12.el7_2
            oval oval:com.redhat.rhsa:tst:20160532007
          • comment krb5-server is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599008
        • AND
          • comment krb5-server-ldap is earlier than 0:1.13.2-12.el7_2
            oval oval:com.redhat.rhsa:tst:20160532009
          • comment krb5-server-ldap is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599010
        • AND
          • comment krb5-workstation is earlier than 0:1.13.2-12.el7_2
            oval oval:com.redhat.rhsa:tst:20160532011
          • comment krb5-workstation is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20192599012
    rhsa
    id RHSA-2016:0532
    released 2016-03-31
    severity Moderate
    title RHSA-2016:0532: krb5 security update (Moderate)
rpms
  • krb5-debuginfo-0:1.10.3-42z1.el6_7
  • krb5-devel-0:1.10.3-42z1.el6_7
  • krb5-libs-0:1.10.3-42z1.el6_7
  • krb5-pkinit-openssl-0:1.10.3-42z1.el6_7
  • krb5-server-0:1.10.3-42z1.el6_7
  • krb5-server-ldap-0:1.10.3-42z1.el6_7
  • krb5-workstation-0:1.10.3-42z1.el6_7
  • krb5-debuginfo-0:1.13.2-12.el7_2
  • krb5-devel-0:1.13.2-12.el7_2
  • krb5-libs-0:1.13.2-12.el7_2
  • krb5-pkinit-0:1.13.2-12.el7_2
  • krb5-server-0:1.13.2-12.el7_2
  • krb5-server-ldap-0:1.13.2-12.el7_2
  • krb5-workstation-0:1.13.2-12.el7_2
refmap via4
confirm
debian DSA-3466
sectrack 1034916
suse
  • openSUSE-SU-2016:0406
  • openSUSE-SU-2016:0501
Last major update 02-02-2021 - 19:15
Published 13-02-2016 - 02:59
Last modified 02-02-2021 - 19:15
Back to Top