Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2014-5354
HistoryDec 16, 2014 - 12:00 a.m.

CVE-2014-5354

2014-12-1600:00:00
ubuntu.com
ubuntu.com
16

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.009

Percentile

82.4%

JSON

plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5)
1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote
authenticated users to cause a denial of service (NULL pointer dereference
and daemon crash) by creating a database entry for a keyless principal, as
demonstrated by a kadmin “add_principal -nokey” or “purgekeys -all”
command.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchkrb5< 1.8.1+dfsg-2ubuntu0.14UNKNOWN
ubuntu12.04noarchkrb5< 1.10+dfsg~beta1-2ubuntu0.6UNKNOWN
ubuntu14.04noarchkrb5< 1.12+dfsg-2ubuntu5.1UNKNOWN
ubuntu14.10noarchkrb5< 1.12.1+dfsg-10ubuntu0.1UNKNOWN

Related

debiancve 1
nvd 1
cve 1
prion 1
cvelist 1
altlinux 3
nessus 7
freebsd 3
openvas 6
archlinux 1
fedora 2
ubuntu 1
oraclelinux 1
debiancve
debiancve
CVE-2014-5354
2014-12-16 23:59:01
nvd
nvd
CVE-2014-5354
2014-12-16 23:59:01
cve
cve
CVE-2014-5354
2014-12-16 23:59:01
prion
prion
Null pointer dereference
2014-12-16 23:59:00
cvelist
cvelist
CVE-2014-5354
2014-12-16 23:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package krb5 version 1.13-alt2
2014-12-23 00:00:00
Security fix for the ALT Linux 8 package krb5 version 1.13-alt2
2014-12-23 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.13-alt2
2014-12-23 00:00:00
nessus
nessus
FreeBSD : krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092 (3a888a1e-b321-11e4-83b2-206a8a720317)
2015-02-13 00:00:00
openSUSE Security Update : krb5 (openSUSE-2015-246)
2015-03-20 00:00:00
SUSE SLED11 / SLES11 Security Update : krb5 (SUSE-SU-2015:1282-1)
2015-07-24 00:00:00
freebsd
freebsd
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-12 00:00:00
krb5 1.12 -- New release/fix multiple vulnerabilities
2015-02-20 00:00:00
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:1282-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1276-1)
2021-04-19 00:00:00
Fedora Update for krb5 FEDORA-2015-2347
2015-03-13 00:00:00
archlinux
archlinux
krb5: multiple issues
2015-02-17 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: krb5-1.12.2-14.fc21
2015-03-12 16:33:54
[SECURITY] Fedora 21 Update: krb5-1.12.2-17.fc21
2015-06-21 00:28:50
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00
oraclelinux
oraclelinux
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.009

Percentile

82.4%

JSON
Related for UB:CVE-2014-5354
debiancve1nvd1cve1prion1cvelist1altlinux3nessus7freebsd3openvas6archlinux1fedora2ubuntu1oraclelinux1