Total vulnerabilities in the database
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.
| Software | From | Fixed in |
|---|---|---|
| mit / kerberos_5 | - | 1.14 |
| oracle / solaris | 11.3 | 11.3.x |
| canonical / ubuntu_linux | 15.10 | 15.10.x |
| canonical / ubuntu_linux | 15.04 | 15.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 7.0 | 7.0.x |
| debian / debian_linux | 9.0 | 9.0.x |
| suse / linux_enterprise_server | 11-sp4 | 11-sp4.x |
| suse / linux_enterprise_desktop | 11-sp3 | 11-sp3.x |
| suse / linux_enterprise_server | 11-sp3 | 11-sp3.x |
| suse / linux_enterprise_desktop | 11-sp4 | 11-sp4.x |
| suse / linux_enterprise_software_development_kit | 11-sp3 | 11-sp3.x |
| suse / linux_enterprise_software_development_kit | 11-sp4 | 11-sp4.x |
| opensuse / leap | 42.1 | 42.1.x |
| opensuse / opensuse | 13.1 | 13.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| suse / linux_enterprise_server | 12 | 12.x |
| suse / linux_enterprise_software_development_kit | 12 | 12.x |
| suse / linux_enterprise_desktop | 12 | 12.x |