Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-4344HistoryAug 14, 2014 - 5:01 a.m.
CVE-2014-4344
2014-08-1405:01:49
Debian Security Bug Tracker
security-tracker.debian.org
13
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
0.117
Percentile
95.3%
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | < 1.12.1+dfsg-5 | krb5_1.12.1+dfsg-5_all.deb |
| Debian | 11 | all | krb5 | < 1.12.1+dfsg-5 | krb5_1.12.1+dfsg-5_all.deb |
| Debian | 999 | all | krb5 | < 1.12.1+dfsg-5 | krb5_1.12.1+dfsg-5_all.deb |
| Debian | 13 | all | krb5 | < 1.12.1+dfsg-5 | krb5_1.12.1+dfsg-5_all.deb |
Related
ubuntucve
ubuntucve
CVE-2014-4344
2014-07-21 00:00:00
f5
f5
SOL15561 - Kerberos vulnerability CVE-2014-4344
2014-09-04 00:00:00
K15561 : Kerberos vulnerability CVE-2014-4344
2014-09-04 00:00:00
cvelist
cvelist
CVE-2014-4344
2014-08-14 01:00:00
nvd
nvd
CVE-2014-4344
2014-08-14 05:01:49
cve
cve
CVE-2014-4344
2014-08-14 05:01:49
prion
prion
Null pointer dereference
2014-08-14 05:01:00
checkpoint_advisories
checkpoint_advisories
MIT Kerberos SPNEGO Acceptor acc_ctx_cont Denial of Service (CVE-2014-4344)
2014-09-14 00:00:00
aix
aix
Multiple Security vulnerabilities in IBM NAS
2014-08-28 03:15:00
nessus
nessus
AIX NAS Advisory : nas_advisory1.asc
2014-09-04 00:00:00
RHEL 5 : krb5 (RHSA-2014:1245)
2014-09-16 00:00:00
Scientific Linux Security Update : krb5 on SL5.x i386/x86_64 (20140916)
2014-10-14 00:00:00
ibm
ibm
openvas
openvas
Oracle: Security Advisory (ELSA-2014-1245)
2015-10-06 00:00:00
RedHat Update for krb5 RHSA-2014:1245-01
2014-09-17 00:00:00
CentOS Update for krb5-devel CESA-2014:1245 centos5
2014-10-01 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:04
Denial Of Service (DoS)
2019-05-02 05:04:04
redhat
redhat
(RHSA-2014:1245) Moderate: krb5 security and bug fix update
2014-09-16 00:00:00
(RHSA-2014:1389) Moderate: krb5 security and bug fix update
2014-10-14 00:00:00
(RHSA-2015:0439) Moderate: krb5 security, bug fix and enhancement update
2015-03-05 00:00:00
oraclelinux
oraclelinux
krb5 security and bug fix update
2014-09-17 00:00:00
krb5 security and bug fix update
2014-10-15 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
centos
centos
krb5 security update
2014-09-30 11:21:52
krb5 security update
2014-10-20 18:09:24
krb5 security update
2015-03-17 13:28:30
mageia
mageia
Updated krb5 package fixes security vulnerabilities
2014-08-22 14:58:14
debian
debian
[SECURITY] [DSA 3000-1] krb5 security update
2014-08-09 14:54:58
[SECURITY] [DSA 3000-1] krb5 security update
2014-08-09 14:54:58
[DLA 37-1] krb5 security update
2014-08-18 17:42:53
osv
osv
krb5 - security update
2014-08-18 00:00:00
krb5 - security update
2014-08-09 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: krb5-1.11.5-10.fc20
2014-08-07 15:32:53
[SECURITY] Fedora 20 Update: krb5-1.11.5-11.fc20
2014-08-15 02:45:53
[SECURITY] Fedora 19 Update: krb5-1.11.3-24.fc19
2014-08-07 15:27:20
amazon
amazon
Medium: krb5
2014-11-11 10:25:00
freebsd
freebsd
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
ubuntu
ubuntu
Kerberos vulnerabilities
2014-08-11 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
0.117
Percentile
95.3%
Related for DEBIANCVE:CVE-2014-4344