Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-5354HistoryDec 16, 2014 - 11:59 p.m.
CVE-2014-5354
2014-12-1623:59:01
Debian Security Bug Tracker
security-tracker.debian.org
13
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
EPSS
0.009
Percentile
82.4%
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin “add_principal -nokey” or “purgekeys -all” command.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | < 1.12.1+dfsg-16 | krb5_1.12.1+dfsg-16_all.deb |
| Debian | 11 | all | krb5 | < 1.12.1+dfsg-16 | krb5_1.12.1+dfsg-16_all.deb |
| Debian | 999 | all | krb5 | < 1.12.1+dfsg-16 | krb5_1.12.1+dfsg-16_all.deb |
| Debian | 13 | all | krb5 | < 1.12.1+dfsg-16 | krb5_1.12.1+dfsg-16_all.deb |
Related
nvd
nvd
CVE-2014-5354
2014-12-16 23:59:01
cve
cve
CVE-2014-5354
2014-12-16 23:59:01
prion
prion
Null pointer dereference
2014-12-16 23:59:00
cvelist
cvelist
CVE-2014-5354
2014-12-16 23:00:00
ubuntucve
ubuntucve
CVE-2014-5354
2014-12-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package krb5 version 1.13-alt2
2014-12-23 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.13-alt2
2014-12-23 00:00:00
Security fix for the ALT Linux 8 package krb5 version 1.13-alt2
2014-12-23 00:00:00
freebsd
freebsd
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-12 00:00:00
krb5 1.12 -- New release/fix multiple vulnerabilities
2015-02-20 00:00:00
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
nessus
nessus
FreeBSD : krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092 (3a888a1e-b321-11e4-83b2-206a8a720317)
2015-02-13 00:00:00
openSUSE Security Update : krb5 (openSUSE-2015-246)
2015-03-20 00:00:00
SUSE SLED11 / SLES11 Security Update : krb5 (SUSE-SU-2015:1282-1)
2015-07-24 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:1282-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1276-1)
2021-04-19 00:00:00
Fedora Update for krb5 FEDORA-2015-2347
2015-03-13 00:00:00
archlinux
archlinux
krb5: multiple issues
2015-02-17 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: krb5-1.12.2-14.fc21
2015-03-12 16:33:54
[SECURITY] Fedora 21 Update: krb5-1.12.2-17.fc21
2015-06-21 00:28:50
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00
oraclelinux
oraclelinux
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
EPSS
0.009
Percentile
82.4%
Related for DEBIANCVE:CVE-2014-5354