CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
95.6%
The do_standalone function in the MIT krb5 KDC database propagation daemon
(kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode,
does not properly handle when a worker child process “exits abnormally,”
which allows remote attackers to cause a denial of service (listening
process termination, no new connections, and lack of updates in slave KVC)
via unspecified vectors.