What is CVE-2011-0281?

CVE-2011-0281 is a vulnerability in Mit Kerberos, classified under Cryptographic Issues. Published 2011-02-10.

Is CVE-2011-0281 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mit Kerberos

CVE-2011-0281

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang)…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.108 (93.5th percentile) — read the EPSS interpretation.

Affected products

Mit Kerberos — versions 5-1.6.3
Mit Kerberos_5 — versions 1.6, 1.6.1, 1.6.2
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

Public proof-of-concept exploits

References

MDVSA-2011:025 (vendor-advisory, x_refsource_MANDRIVA)
46265 (vdb-entry, x_refsource_BID)
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (mailing-list, x_refsource_BUGTRAQ)
46397 (x_refsource_SECUNIA, third-party-advisory)
ADV-2011-0347 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
43260 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
ADV-2011-0333 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
RHSA-2011:0199 (x_refsource_REDHAT, vendor-advisory)
43273 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2011-0281?: CVE-2011-0281 is a vulnerability in Mit Kerberos, classified under Cryptographic Issues. Published 2011-02-10.
Is CVE-2011-0281 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.