Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2011-1530

Published: 08/12/2011 Updated: 09/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8
VMScore: 605
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Subscribe to Mit Kerberos

Vulnerability Summary

The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 up to and including 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error.

Vulnerable Product Search on Vulmon Subscribe to Product

mit mit kerberos 5.1.9.2

mit mit kerberos 5.1.9

mit mit kerberos 5.1.9.1

Vendor Advisories

Red Hat: Moderate: krb5 security update
Synopsis Moderate: krb5 security update Type/Severity Security Advisory: Moderate Topic Updated krb5 packages that fix one security issue are now available forRed Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact A Common Vulnerability Scoring ...
Ubuntu Security Notice: krb5 vulnerability
The Kerberos Key Distribution Center (KDC) could be made to crash ...
Amazon Linux AMI: ALAS-2011-028
A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed certain TGS (Ticket-granting Server) requests A remote, authenticated attacker could use this flaw to crash the KDC via a specially-crafted TGS request (CVE-2011-1530) ...

References

CWE-399http://securitytracker.com/id?1026374http://secunia.com/advisories/47124http://www.securityfocus.com/bid/50929http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-007.txthttp://www.redhat.com/support/errata/RHSA-2011-1790.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:184https://exchange.xforce.ibmcloud.com/vulnerabilities/71655http://www.securityfocus.com/archive/1/520756/100/0/threadedhttps://access.redhat.com/errata/RHSA-2011:1790https://usn.ubuntu.com/1290-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook