Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-2697HistoryNov 09, 2015 - 3:59 a.m.
CVE-2015-2697
2015-11-0903:59:03
Debian Security Bug Tracker
security-tracker.debian.org
7
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
0.835
Percentile
98.5%
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial ‘\0’ character in a long realm field within a TGS request.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | < 1.13.2+dfsg-3 | krb5_1.13.2+dfsg-3_all.deb |
| Debian | 11 | all | krb5 | < 1.13.2+dfsg-3 | krb5_1.13.2+dfsg-3_all.deb |
| Debian | 999 | all | krb5 | < 1.13.2+dfsg-3 | krb5_1.13.2+dfsg-3_all.deb |
| Debian | 13 | all | krb5 | < 1.13.2+dfsg-3 | krb5_1.13.2+dfsg-3_all.deb |
Related
ubuntucve
ubuntucve
CVE-2015-2697
2015-11-08 00:00:00
debian
debian
[SECURITY] [DSA 3395-2] krb5 security update
2015-11-12 21:11:36
[SECURITY] [DSA 3395-2] krb5 security update
2015-11-12 21:11:36
[SECURITY] [DLA 340-1] krb5 security update
2015-11-07 18:22:33
cve
cve
CVE-2015-2697
2015-11-09 03:59:03
nvd
nvd
CVE-2015-2697
2015-11-09 03:59:03
prion
prion
Out-of-bounds
2015-11-09 03:59:00
cvelist
cvelist
CVE-2015-2697
2015-11-09 02:00:00
nessus
nessus
Debian DLA-340-1 : krb5 security update
2015-11-09 00:00:00
SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2015:1897-1)
2015-11-05 00:00:00
openSUSE Security Update : krb5 (openSUSE-2015-709)
2015-11-09 00:00:00
osv
osv
krb5 - security update
2015-11-07 00:00:00
krb5 - security update
2015-11-06 00:00:00
krb5 - security update
2015-11-06 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-340-1)
2023-03-08 00:00:00
SUSE: Security Advisory for krb5 (SUSE-SU-2015:1897-1)
2015-11-05 00:00:00
openSUSE: Security Advisory for krb5 (openSUSE-SU-2015:1928-1)
2015-11-07 00:00:00
suse
suse
Security update for krb5 (important)
2015-11-16 11:12:28
Security update for krb5 (important)
2015-11-06 18:12:23
Security update for krb5 (important)
2015-11-04 10:11:32
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2016-11-20 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: krb5-1.13.2-12.fc23
2015-11-02 18:55:23
[SECURITY] Fedora 21 Update: krb5-1.12.2-19.fc21
2015-11-24 22:51:08
[SECURITY] Fedora 22 Update: krb5-1.13.2-10.fc22
2015-11-19 12:25:51
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2015-11-07 23:11:27
ubuntu
ubuntu
Kerberos vulnerabilities
2015-11-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package krb5 version 1.14.2-alt1
2016-04-25 00:00:00
Security fix for the ALT Linux 8 package krb5 version 1.14.2-alt1
2016-04-26 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13.7-alt0.M70P.1
2017-04-13 00:00:00
ibm
ibm
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
0.835
Percentile
98.5%
Related for DEBIANCVE:CVE-2015-2697