CVE-2011-1530

Related Files

Gentoo Linux Security Advisory 201201-13

Posted Jan 24, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-13 - Multiple vulnerabilities have been found in MIT Kerberos 5, the most severe of which may allow remote execution of arbitrary code. Versions less than 1.9.2-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2009-3295, CVE-2009-4212, CVE-2010-0283, CVE-2010-0629, CVE-2010-1320, CVE-2010-1321, CVE-2010-1322, CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, CVE-2010-4021, CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, CVE-2011-0283, CVE-2011-0284, CVE-2011-0285, CVE-2011-1527, CVE-2011-1528, CVE-2011-1529, CVE-2011-1530, CVE-2011-4151

SHA-256 | 5fe5b981b497ad572aa4e53428ce29f2dcd53be74dc124715f4b3cff09100dd9

Download | Favorite | View

Mandriva Linux Security Advisory 2011-184

Posted Dec 12, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-184 - The process_tgs_req function in do_tgs_req.c in the Key Distribution Center 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service

systems | linux, mandriva

advisories | CVE-2011-1530

SHA-256 | 4932acaac14fc272e384b8a30871d6a98ebaed4dbd26dd9625c16adf9d22648c

Download | Favorite | View

Ubuntu Security Notice USN-1290-1

Posted Dec 8, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1290-1 - Simo Sorce discovered that a NULL pointer dereference existed in the Kerberos Key Distribution Center (KDC). An authenticated remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2011-1530

SHA-256 | 7ed0fbc4432ed32166067d84ab8cbdd22401e5d3e348a0d58e255c272905e643

Download | Favorite | View

MIT krb5 Security Advisory 2011-007

Posted Dec 7, 2011

Site web.mit.edu

MIT krb5 Security Advisory 2011-007 - In releases krb5-1.9 and later, the KDC can crash due to a null pointer dereference in code that handles TGS (Ticket Granting Service) requests. The trigger condition is trivial to produce using unmodified client software, but requires the ability to authenticate as a principal in the KDC's realm.

tags | advisory

advisories | CVE-2011-1530

SHA-256 | 4ca042a5da054adcd94232f80427d3eb47e18bef1cfb4b02d416b3b522988c17

Download | Favorite | View

Red Hat Security Advisory 2011-1790-01

Posted Dec 7, 2011

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1790-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed certain TGS requests. A remote, authenticated attacker could use this flaw to crash the KDC via a specially-crafted TGS request.

tags | advisory, remote

systems | linux, redhat

advisories | CVE-2011-1530

SHA-256 | 600a23f94d8d538936ba2fa387701973abd9cd00e5bd7b0d998aaff3751e10f7

Download | Favorite | View