Total vulnerabilities in the database
The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.
Software | From | Fixed in |
---|---|---|
mit / kerberos_5 | - | 1.10.5 |
opensuse / opensuse | 12.3 | 12.3.x |
opensuse / opensuse | 11.4 | 11.4.x |
opensuse / opensuse | 12.2 | 12.2.x |
opensuse / opensuse | 12.1 | 12.1.x |
fedoraproject / fedora | 17 | 17.x |
fedoraproject / fedora | 18 | 18.x |
redhat / enterprise_linux_server_aus | 6.4 | 6.4.x |
redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
redhat / enterprise_linux_server | 6.0 | 6.0.x |
redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
redhat / enterprise_linux_eus | 6.4 | 6.4.x |