CVE-2014-4345
krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)
Severity Score
8.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.
Error de superación de límite (off-by-one) en la función krb5_encode_krbsecretkey en plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c en el módulo LDAP KDB en kadmind en MIT Kerberos 5 (también conocido como krb5) 1.6.x hasta 1.11.x anterior a 1.11.6 y 1.12.x anterior a 1.12.2 permite a usuarios remotos autenticados causar una denegación de servicio (desbordamiento de buffer) o posiblemente ejecutar código arbitrario a través de una serie de comandos 'cpw -keepold'.
A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-06-20 CVE Reserved
- 2014-08-09 CVE Published
- 2024-02-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
- CWE-787: Out-of-bounds Write
CAPEC
References (31)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6 Search vendor "Mit" for product "Kerberos 5" and version "1.6" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6.1 Search vendor "Mit" for product "Kerberos 5" and version "1.6.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6.2 Search vendor "Mit" for product "Kerberos 5" and version "1.6.2" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.7 Search vendor "Mit" for product "Kerberos 5" and version "1.7" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.7.1 Search vendor "Mit" for product "Kerberos 5" and version "1.7.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8 Search vendor "Mit" for product "Kerberos 5" and version "1.8" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.1 Search vendor "Mit" for product "Kerberos 5" and version "1.8.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.2 Search vendor "Mit" for product "Kerberos 5" and version "1.8.2" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.3 Search vendor "Mit" for product "Kerberos 5" and version "1.8.3" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.4 Search vendor "Mit" for product "Kerberos 5" and version "1.8.4" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.5 Search vendor "Mit" for product "Kerberos 5" and version "1.8.5" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.8.6 Search vendor "Mit" for product "Kerberos 5" and version "1.8.6" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.9 Search vendor "Mit" for product "Kerberos 5" and version "1.9" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.9.1 Search vendor "Mit" for product "Kerberos 5" and version "1.9.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.9.2 Search vendor "Mit" for product "Kerberos 5" and version "1.9.2" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.9.3 Search vendor "Mit" for product "Kerberos 5" and version "1.9.3" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.9.4 Search vendor "Mit" for product "Kerberos 5" and version "1.9.4" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.10 Search vendor "Mit" for product "Kerberos 5" and version "1.10" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.10.1 Search vendor "Mit" for product "Kerberos 5" and version "1.10.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.10.2 Search vendor "Mit" for product "Kerberos 5" and version "1.10.2" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.10.3 Search vendor "Mit" for product "Kerberos 5" and version "1.10.3" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.10.4 Search vendor "Mit" for product "Kerberos 5" and version "1.10.4" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.11 Search vendor "Mit" for product "Kerberos 5" and version "1.11" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.11.1 Search vendor "Mit" for product "Kerberos 5" and version "1.11.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.11.2 Search vendor "Mit" for product "Kerberos 5" and version "1.11.2" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.11.3 Search vendor "Mit" for product "Kerberos 5" and version "1.11.3" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.11.4 Search vendor "Mit" for product "Kerberos 5" and version "1.11.4" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.11.5 Search vendor "Mit" for product "Kerberos 5" and version "1.11.5" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.12 Search vendor "Mit" for product "Kerberos 5" and version "1.12" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.12.1 Search vendor "Mit" for product "Kerberos 5" and version "1.12.1" | - |
Affected
| ||||||