7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.015 Low
EPSS
Percentile
86.9%
libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE
Linux Enterprise Server 10 SP 1, terminates upon an initialization error,
which allows remote attackers to cause a denial of service (daemon exit)
via a GSS-TSIG request. NOTE: this issue probably affects other daemons
that attempt to initialize this library within a chroot configuration or
other invalid configuration.