CVE-2011-0281

krb5: KDC hang when using LDAP backend caused by special principal name (MITKRB5-SA-2011-002)

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a
sequence.

La implementación unparse en el Key Distribution Center (KDC) de MIT Kerberos v5 (también conocido como krb5) v1.6.x a v1.9, cuando se usa un backend LDAP, permite a atacantes remotos provocar una denegación de servicio (agotamiento de descriptor de archivo y bloqueo del demonio) a través de un nombre principal que desencadena el uso de una secuencia de escape barra diagonal inversa, como se demuestra por una secuencia de
.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-01-03 CVE Reserved
2011-02-10 CVE Published
2024-08-06 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-310: Cryptographic Issues

CAPEC

References (24)

URL	Tag	Source
http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html	Mailing List
http://secunia.com/advisories/46397	Third Party Advisory
http://securityreason.com/securityalert/8073	Third Party Advisory
http://www.securityfocus.com/archive/1/516299/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/520102/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/46265	Vdb Entry
http://www.securitytracker.com/id?1025037	Vdb Entry
http://www.vmware.com/security/advisories/VMSA-2011-0012.html	X_refsource_confirm
http://www.vupen.com/english/advisories/2011/0464	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/65324	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html	2020-01-21
http://secunia.com/advisories/43260	2020-01-21
http://secunia.com/advisories/43273	2020-01-21
http://secunia.com/advisories/43275	2020-01-21
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt	2020-01-21
http://www.mandriva.com/security/advisories?name=MDVSA-2011:024	2020-01-21
http://www.mandriva.com/security/advisories?name=MDVSA-2011:025	2020-01-21
http://www.redhat.com/support/errata/RHSA-2011-0199.html	2020-01-21
http://www.redhat.com/support/errata/RHSA-2011-0200.html	2020-01-21
http://www.vupen.com/english/advisories/2011/0330	2020-01-21
http://www.vupen.com/english/advisories/2011/0333	2020-01-21
http://www.vupen.com/english/advisories/2011/0347	2020-01-21
https://access.redhat.com/security/cve/CVE-2011-0281	2011-02-08
https://bugzilla.redhat.com/show_bug.cgi?id=668719	2011-02-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Mit Search vendor "Mit"		Kerberos Search vendor "Mit" for product "Kerberos"				5-1.6.3 Search vendor "Mit" for product "Kerberos" and version "5-1.6.3"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.6 Search vendor "Mit" for product "Kerberos 5" and version "1.6"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.6.1 Search vendor "Mit" for product "Kerberos 5" and version "1.6.1"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.6.2 Search vendor "Mit" for product "Kerberos 5" and version "1.6.2"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.7 Search vendor "Mit" for product "Kerberos 5" and version "1.7"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.7.1 Search vendor "Mit" for product "Kerberos 5" and version "1.7.1"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.8 Search vendor "Mit" for product "Kerberos 5" and version "1.8"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.8.1 Search vendor "Mit" for product "Kerberos 5" and version "1.8.1"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.8.2 Search vendor "Mit" for product "Kerberos 5" and version "1.8.2"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.8.3 Search vendor "Mit" for product "Kerberos 5" and version "1.8.3"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				1.9 Search vendor "Mit" for product "Kerberos 5" and version "1.9"		-		Affected