The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.
Software | From | Fixed in |
---|---|---|
mit / kerberos_5 | 1.8 | 1.8.2 |
mit / kerberos_5 | - | 1.7.1.x |
debian / debian_linux | 5.0 | 5.0.x |
debian / debian_linux | 6.0 | 6.0.x |
canonical / ubuntu_linux | 9.04 | 9.04.x |
canonical / ubuntu_linux | 9.10 | 9.10.x |
canonical / ubuntu_linux | 10.04 | 10.04.x |
canonical / ubuntu_linux | 8.04 | 8.04.x |
canonical / ubuntu_linux | 6.06 | 6.06.x |
opensuse / opensuse | 11.1 | 11.1.x |
suse / linux_enterprise_server | 11-sp1 | 11-sp1.x |
opensuse / opensuse | 11.0 | 11.0.x |
opensuse / opensuse | 11.2 | 11.2.x |
opensuse / opensuse | 11.3 | 11.3.x |
suse / linux_enterprise_server | 11 | 11.x |
suse / linux_enterprise_server | 10-sp3 | 10-sp3.x |
fedoraproject / fedora | 11 | 11.x |
fedoraproject / fedora | 13 | 13.x |
fedoraproject / fedora | 12 | 12.x |