Vulnerability in MIT Kerberos
CVE-2014-5354
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash)…
EPSS: 0.005 (68.0th percentile)
Affected products
- MIT Kerberos — versions 5_1.13
- MIT Kerberos_5 — versions 1.12, 1.12.1, 1.12.2
References
- openSUSE-SU-2015:0542 (vendor-advisory, x_refsource_SUSE)
- 71680 (vdb-entry, x_refsource_BID)
- 1031376 (vdb-entry, x_refsource_SECTRACK)
- USN-2498-1 (x_refsource_UBUNTU, vendor-advisory)
- cve@mitre.org (x_refsource_CONFIRM)