// For flags

CVE-2011-0282

krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002)

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.

El Key Distribution Center (KDC) en MIT Kerberos 5 (también conocido como krb5) v1.6.x hasta v1.9 cuando un se utiliza un backend LDAP, permite a atacantes remotos provocar una denegación de servicio (desreferencia a puntero nulo o sobre-lectura, y caída de demonio) a través de un nombre principal manipulada.

Keiichi Mori discovered that the MIT krb5 KDC database propagation daemon (kpropd) is vulnerable to a denial of service attack due to improper logic when a worker child process exited because of invalid network input. This could only occur when kpropd is running in standalone mode; kpropd was not affected when running in incremental propagation mode ("iprop") or as an inetd server. This issue only affects Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. Kevin Longfellow and others discovered that the MIT krb5 Key Distribution Center (KDC) daemon is vulnerable to denial of service attacks when using an LDAP back end due to improper handling of network input.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2011-01-03 CVE Reserved
  • 2011-02-09 CVE Published
  • 2024-08-06 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (23)
URL Tag Source
http://secunia.com/advisories/46397 Third Party Advisory
http://securityreason.com/securityalert/8073 Third Party Advisory
http://www.securityfocus.com/archive/1/516299/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/520102/100/0/threaded Mailing List
http://www.securityfocus.com/bid/46271 Vdb Entry
http://www.securitytracker.com/id?1025037 Vdb Entry
http://www.vmware.com/security/advisories/VMSA-2011-0012.html X_refsource_confirm
http://www.vupen.com/english/advisories/2011/0464 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/65323 Vdb Entry
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html 2020-01-21
http://secunia.com/advisories/43260 2020-01-21
http://secunia.com/advisories/43273 2020-01-21
http://secunia.com/advisories/43275 2020-01-21
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt 2020-01-21
http://www.mandriva.com/security/advisories?name=MDVSA-2011:024 2020-01-21
http://www.mandriva.com/security/advisories?name=MDVSA-2011:025 2020-01-21
http://www.redhat.com/support/errata/RHSA-2011-0199.html 2020-01-21
http://www.redhat.com/support/errata/RHSA-2011-0200.html 2020-01-21
http://www.vupen.com/english/advisories/2011/0330 2020-01-21
http://www.vupen.com/english/advisories/2011/0333 2020-01-21
http://www.vupen.com/english/advisories/2011/0347 2020-01-21
https://access.redhat.com/security/cve/CVE-2011-0282 2011-02-08
https://bugzilla.redhat.com/show_bug.cgi?id=668726 2011-02-08
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mit
Search vendor "Mit"
 Kerberos
Search vendor "Mit" for product "Kerberos"
 5-1.6.3
Search vendor "Mit" for product "Kerberos" and version "5-1.6.3"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.6
Search vendor "Mit" for product "Kerberos 5" and version "1.6"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.6.1
Search vendor "Mit" for product "Kerberos 5" and version "1.6.1"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.6.2
Search vendor "Mit" for product "Kerberos 5" and version "1.6.2"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.7
Search vendor "Mit" for product "Kerberos 5" and version "1.7"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.7.1
Search vendor "Mit" for product "Kerberos 5" and version "1.7.1"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.8
Search vendor "Mit" for product "Kerberos 5" and version "1.8"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.8.1
Search vendor "Mit" for product "Kerberos 5" and version "1.8.1"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.8.2
Search vendor "Mit" for product "Kerberos 5" and version "1.8.2"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.8.3
Search vendor "Mit" for product "Kerberos 5" and version "1.8.3"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.9
Search vendor "Mit" for product "Kerberos 5" and version "1.9"
-
Affected