Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-5353HistoryDec 16, 2014 - 11:59 p.m.
CVE-2014-5353
2014-12-1623:59:00
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
EPSS
0.008
Percentile
82.3%
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | < 1.12.1+dfsg-16 | krb5_1.12.1+dfsg-16_all.deb |
| Debian | 11 | all | krb5 | < 1.12.1+dfsg-16 | krb5_1.12.1+dfsg-16_all.deb |
| Debian | 999 | all | krb5 | < 1.12.1+dfsg-16 | krb5_1.12.1+dfsg-16_all.deb |
| Debian | 13 | all | krb5 | < 1.12.1+dfsg-16 | krb5_1.12.1+dfsg-16_all.deb |
Related
nessus
nessus
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0536)
2022-01-28 00:00:00
Fedora Update for krb5 FEDORA-2015-5949
2015-07-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1282-1)
2021-06-09 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:009 ] krb5
2015-01-13 00:00:00
MIT Kerberos 5 DoS
2015-01-13 00:00:00
cvelist
cvelist
CVE-2014-5353
2014-12-16 23:00:00
veracode
veracode
Denial Of Service (DoS)
2018-08-13 03:20:21
Arbitrary Code Execution
2019-05-02 05:13:02
ubuntucve
ubuntucve
CVE-2014-5353
2014-12-16 00:00:00
prion
prion
Design/Logic Flaw
2014-12-16 23:59:00
mageia
mageia
Updated krb5 packages fix CVE-2014-5353
2014-12-19 18:06:35
nvd
nvd
CVE-2014-5353
2014-12-16 23:59:00
fedora
fedora
[SECURITY] Fedora 22 Update: krb5-1.13.1-2.fc22
2015-04-22 22:50:11
[SECURITY] Fedora 21 Update: krb5-1.12.2-14.fc21
2015-03-12 16:33:54
[SECURITY] Fedora 21 Update: krb5-1.12.2-17.fc21
2015-06-21 00:28:50
cve
cve
CVE-2014-5353
2014-12-16 23:59:00
altlinux
altlinux
Security fix for the ALT Linux 8 package krb5 version 1.13-alt2
2014-12-23 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13-alt2
2014-12-23 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.13-alt2
2014-12-23 00:00:00
freebsd
freebsd
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-12 00:00:00
krb5 1.12 -- New release/fix multiple vulnerabilities
2015-02-20 00:00:00
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
amazon
amazon
Medium: krb5
2015-05-05 15:44:00
centos
centos
krb5 security update
2015-04-09 11:47:52
krb5 security update
2015-03-17 13:28:30
oraclelinux
oraclelinux
krb5 security update
2015-04-09 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
redhat
redhat
(RHSA-2015:0794) Moderate: krb5 security update
2015-04-09 00:00:00
(RHSA-2015:0439) Moderate: krb5 security, bug fix and enhancement update
2015-03-05 00:00:00
ibm
ibm
archlinux
archlinux
krb5: multiple issues
2015-02-17 00:00:00
osv
osv
krb5 - security update
2018-01-31 00:00:00
debian
debian
[SECURITY] [DLA 1265-1] krb5 security update
2018-01-31 17:06:34
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
EPSS
0.008
Percentile
82.3%
Related for DEBIANCVE:CVE-2014-5353