CVE-2011-0281
krb5: KDC hang when using LDAP backend caused by special principal name (MITKRB5-SA-2011-002)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a
sequence.
La implementación unparse en el Key Distribution Center (KDC) de MIT Kerberos v5 (también conocido como krb5) v1.6.x a v1.9, cuando se usa un backend LDAP, permite a atacantes remotos provocar una denegación de servicio (agotamiento de descriptor de archivo y bloqueo del demonio) a través de un nombre principal que desencadena el uso de una secuencia de escape barra diagonal inversa, como se demuestra por una secuencia de
.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-01-03 CVE Reserved
- 2011-02-09 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (24)
URL | Tag | Source |
---|---|---|
http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html | Mailing List | |
http://secunia.com/advisories/46397 | Third Party Advisory | |
http://securityreason.com/securityalert/8073 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/516299/100/0/threaded | Mailing List | |
http://www.securityfocus.com/archive/1/520102/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/46265 | Vdb Entry | |
http://www.securitytracker.com/id?1025037 | Vdb Entry | |
http://www.vmware.com/security/advisories/VMSA-2011-0012.html | X_refsource_confirm | |
http://www.vupen.com/english/advisories/2011/0464 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/65324 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mit Search vendor "Mit" | Kerberos Search vendor "Mit" for product "Kerberos" | 5-1.6.3 Search vendor "Mit" for product "Kerberos" and version "5-1.6.3" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6 Search vendor "Mit" for product "Kerberos 5" and version "1.6" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6.1 Search vendor "Mit" for product "Kerberos 5" and version "1.6.1" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6.2 Search vendor "Mit" for product "Kerberos 5" and version "1.6.2" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.7 Search vendor "Mit" for product "Kerberos 5" and version "1.7" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.7.1 Search vendor "Mit" for product "Kerberos 5" and version "1.7.1" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8 Search vendor "Mit" for product "Kerberos 5" and version "1.8" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.1 Search vendor "Mit" for product "Kerberos 5" and version "1.8.1" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.2 Search vendor "Mit" for product "Kerberos 5" and version "1.8.2" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.3 Search vendor "Mit" for product "Kerberos 5" and version "1.8.3" | - |
Affected
| ||||||
Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.9 Search vendor "Mit" for product "Kerberos 5" and version "1.9" | - |
Affected
|