CVE-2014-4342CVE-2014-4342

Affected configuration(s):

cpe:/a:mit:kerberos:5-1.7
cpe:/a:mit:kerberos:5-1.7.1
cpe:/a:mit:kerberos:5-1.8
cpe:/a:mit:kerberos:5-1.8:alpha1
cpe:/a:mit:kerberos:5-1.8.1
cpe:/a:mit:kerberos:5-1.8.2
cpe:/a:mit:kerberos:5-1.8.3
cpe:/a:mit:kerberos:5-1.8.4
cpe:/a:mit:kerberos:5-1.8.5
cpe:/a:mit:kerberos:5-1.8.6
cpe:/a:mit:kerberos:5-1.9
cpe:/a:mit:kerberos:5-1.9.1
cpe:/a:mit:kerberos:5-1.9.2
cpe:/a:mit:kerberos:5-1.9.3
cpe:/a:mit:kerberos:5-1.9.4
cpe:/a:mit:kerberos:5-1.10
cpe:/a:mit:kerberos:5-1.10.1
cpe:/a:mit:kerberos:5-1.10.2
cpe:/a:mit:kerberos:5-1.10.3
cpe:/a:mit:kerberos:5-1.10.4
cpe:/a:mit:kerberos:5-1.10.5
cpe:/a:mit:kerberos:5-1.10.6
cpe:/a:mit:kerberos:5-1.10.7
cpe:/a:mit:kerberos:5-1.11
cpe:/a:mit:kerberos:5-1.11.1
cpe:/a:mit:kerberos:5-1.11.2
cpe:/a:mit:kerberos:5-1.11.3
cpe:/a:mit:kerberos:5-1.11.4
cpe:/a:mit:kerberos:5-1.12
cpe:/a:mit:kerberos:5-1.12.1
cpe:/o:debian:debian_linux:7.0
cpe:/o:redhat:enterprise_linux_desktop:7.0
cpe:/o:redhat:enterprise_linux_hpc_node:7.0
cpe:/o:redhat:enterprise_linux_server:7.0
cpe:/o:redhat:enterprise_linux_workstation:7.0

Date published: 2014-07-20T07:12:50.870-04:00

Date last modified: 2017-11-13T11:40:57.770-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://advisories.mageia.org/MGASA-2014-0345.html

Summary: MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.