CVE-2011-1529
krb5: KDC denial of service vulnerabilities (MITKRB5-SA-2011-006)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors.
La function lookup_lockout_policy function del centro de distribución de claves (“Key Distribution Center” o KDC) en MIT Kerberos 5 (krb5) 1.8 hasta la version 1.8.4 y 1.9 hasta la 1.9.1, si db2 (Berkeley DB) o el back end LDAP es utilizado, permite a atacantes remotos provocar una denegación de servicio (resolución de puntero NULL y caída del demonio) a través de vectores que provocan determinados errores process_as_req.
The kdb_ldap plugin in the Key Distribution Center in MIT Kerberos 5 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions. The krb5_ldap_lockout_audit function in the Key Distribution Center 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service via unspecified vectors, related to the locked_check_p function. The lookup_lockout_policy function in the Key Distribution Center in MIT Kerberos 5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors. The updated packages have been patched to correct these issues.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-03-29 CVE Reserved
- 2011-10-19 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.kb.cert.org/vuls/id/659251 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8 Search vendor "Mit" for product "Kerberos 5" and version "1.8" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.1 Search vendor "Mit" for product "Kerberos 5" and version "1.8.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.2 Search vendor "Mit" for product "Kerberos 5" and version "1.8.2" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.3 Search vendor "Mit" for product "Kerberos 5" and version "1.8.3" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.4 Search vendor "Mit" for product "Kerberos 5" and version "1.8.4" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.9 Search vendor "Mit" for product "Kerberos 5" and version "1.9" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.9.1 Search vendor "Mit" for product "Kerberos 5" and version "1.9.1" | - |
Affected
| ||||||