Lucene search
Ubuntu.comUB:CVE-2014-4344HistoryJul 21, 2014 - 12:00 a.m.
CVE-2014-4344
2014-07-2100:00:00
ubuntu.com
ubuntu.com
14
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
0.117
Percentile
95.3%
The acc_ctx_cont function in the SPNEGO acceptor in
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through
1.12.x before 1.12.2 allows remote attackers to cause a denial of service
(NULL pointer dereference and application crash) via an empty continuation
token at a certain point during a SPNEGO negotiation.
Bugs
Related
f5
f5
SOL15561 - Kerberos vulnerability CVE-2014-4344
2014-09-04 00:00:00
K15561 : Kerberos vulnerability CVE-2014-4344
2014-09-04 00:00:00
cvelist
cvelist
CVE-2014-4344
2014-08-14 01:00:00
cve
cve
CVE-2014-4344
2014-08-14 05:01:49
nvd
nvd
CVE-2014-4344
2014-08-14 05:01:49
prion
prion
Null pointer dereference
2014-08-14 05:01:00
checkpoint_advisories
checkpoint_advisories
MIT Kerberos SPNEGO Acceptor acc_ctx_cont Denial of Service (CVE-2014-4344)
2014-09-14 00:00:00
debiancve
debiancve
CVE-2014-4344
2014-08-14 05:01:49
nessus
nessus
AIX NAS Advisory : nas_advisory1.asc
2014-09-04 00:00:00
RHEL 5 : krb5 (RHSA-2014:1245)
2014-09-16 00:00:00
Scientific Linux Security Update : krb5 on SL5.x i386/x86_64 (20140916)
2014-10-14 00:00:00
aix
aix
Multiple Security vulnerabilities in IBM NAS
2014-08-28 03:15:00
ibm
ibm
openvas
openvas
Oracle: Security Advisory (ELSA-2014-1245)
2015-10-06 00:00:00
RedHat Update for krb5 RHSA-2014:1245-01
2014-09-17 00:00:00
CentOS Update for krb5-devel CESA-2014:1245 centos5
2014-10-01 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:04
Denial Of Service (DoS)
2019-05-02 05:04:04
redhat
redhat
(RHSA-2014:1245) Moderate: krb5 security and bug fix update
2014-09-16 00:00:00
(RHSA-2014:1389) Moderate: krb5 security and bug fix update
2014-10-14 00:00:00
(RHSA-2015:0439) Moderate: krb5 security, bug fix and enhancement update
2015-03-05 00:00:00
oraclelinux
oraclelinux
krb5 security and bug fix update
2014-09-17 00:00:00
krb5 security and bug fix update
2014-10-15 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
centos
centos
krb5 security update
2014-09-30 11:21:52
krb5 security update
2014-10-20 18:09:24
krb5 security update
2015-03-17 13:28:30
mageia
mageia
Updated krb5 package fixes security vulnerabilities
2014-08-22 14:58:14
debian
debian
[SECURITY] [DSA 3000-1] krb5 security update
2014-08-09 14:54:58
[SECURITY] [DSA 3000-1] krb5 security update
2014-08-09 14:54:58
[DLA 37-1] krb5 security update
2014-08-18 17:42:53
osv
osv
krb5 - security update
2014-08-18 00:00:00
krb5 - security update
2014-08-09 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: krb5-1.11.5-10.fc20
2014-08-07 15:32:53
[SECURITY] Fedora 20 Update: krb5-1.11.5-11.fc20
2014-08-15 02:45:53
[SECURITY] Fedora 19 Update: krb5-1.11.3-24.fc19
2014-08-07 15:27:20
amazon
amazon
Medium: krb5
2014-11-11 10:25:00
ubuntu
ubuntu
Kerberos vulnerabilities
2014-08-11 00:00:00
freebsd
freebsd
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
0.117
Percentile
95.3%
Related for UB:CVE-2014-4344