Lucene search

K

RedosROS-20240405-04

HistoryApr 05, 2024 - 12:00 a.m.

ROS-20240405-04

2024-04-0500:00:00

redos.red-soft.ru

6

kerberos

network protocol

vulnerability

remote attack

denial of service

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.9%

A vulnerability in the lib/kadm5/kadm_rpc_xdr.c file of the Kerberos network protocol implementation is related to the release of an
an uninitialized pointer. Exploitation of the vulnerability could allow an attacker acting
remotely to cause a denial of service

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64krb5-server<= 1.20.1-2UNKNOWN

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.9%

Related for ROS-20240405-04