Total vulnerabilities in the database
The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.
| Software | From | Fixed in |
|---|---|---|
| mit / kerberos_5 | 1.7 | 1.7.x |
| mit / kerberos_5 | 1.8 | 1.8.x |
| mit / kerberos_5 | 1.9 | 1.9.x |