Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-1530
Description:The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error.
Test IDs: 1.3.6.1.4.1.25623.1.0.70591   1.3.6.1.4.1.25623.1.0.70493   1.3.6.1.4.1.25623.1.0.71022   1.3.6.1.4.1.25623.1.0.72078   1.3.6.1.4.1.25623.1.0.72270   1.3.6.1.4.1.25623.1.0.122028   1.3.6.1.4.1.25623.1.0.120405   1.3.6.1.4.1.25623.1.0.864084   1.3.6.1.4.1.25623.1.0.870701   1.3.6.1.4.1.25623.1.0.881348   1.3.6.1.4.1.25623.1.0.840942  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-1530
BugTraq ID: 50929
http://www.securityfocus.com/bid/50929
Bugtraq: 20111206 MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530] (Google Search)
http://www.securityfocus.com/archive/1/520756/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2011:184
RedHat Security Advisories: RHSA-2011:1790
http://www.redhat.com/support/errata/RHSA-2011-1790.html
http://securitytracker.com/id?1026374
http://secunia.com/advisories/47124
XForce ISS Database: kerberos-processtgsreq-dos(71655)
https://exchange.xforce.ibmcloud.com/vulnerabilities/71655




© 1998-2021 E-Soft Inc. All rights reserved.