MIT Kerberos 5 (aka krb5) prior to 1.17.2 and 1.18.x prior to 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mit kerberos 5 |
||
fedoraproject fedora 31 |
||
netapp cloud backup - |
||
netapp snapcenter - |
||
netapp oncommand workflow automation - |
||
netapp oncommand insight - |
||
netapp active iq unified manager - |
||
oracle communications offline mediation controller 12.0.0.3.0 |
||
oracle mysql server |
||
oracle communications pricing design center 12.0.0.3.0 |
||
oracle communications cloud native core policy 1.14.0 |