What is CVE-2011-0282?

CVE-2011-0282 is a vulnerability in Mit Kerberos. Published 2011-02-10.

Is CVE-2011-0282 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mit Kerberos

CVE-2011-0282

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a cra…

EPSS: 0.096 (93.0th percentile) — read the EPSS interpretation.

Affected products

Mit Kerberos — versions 5-1.6.3
Mit Kerberos_5 — versions 1.6, 1.6.1, 1.6.2
N/a — versions n/a

Public proof-of-concept exploits

References

MDVSA-2011:025 (vendor-advisory, x_refsource_MANDRIVA)
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (mailing-list, x_refsource_BUGTRAQ)
46397 (x_refsource_SECUNIA, third-party-advisory)
46271 (vdb-entry, x_refsource_BID)
ADV-2011-0347 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
43260 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
ADV-2011-0333 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
RHSA-2011:0199 (x_refsource_REDHAT, vendor-advisory)
43273 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2011-0282?: CVE-2011-0282 is a vulnerability in Mit Kerberos. Published 2011-02-10.
Is CVE-2011-0282 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.