Computer Security
[EN] securityvulns.ru no-pyccku


MIT Kerberos 5 DoS
Published:13.01.2015
Source:
SecurityVulns ID:14201
Type:remote
Threat Level:
5/10
Description:NULL pointer dereference then LDAP is used.
Affected:MIT : krb5 1.13
CVE:CVE-2014-5353 (The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:009 ] krb5 (13.01.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod