Mit · Mit Kerberos 5 · CVE-2011-0281
**Name of the Vulnerable Software and Affected Versions**
MIT Kerberos 5 (krb5) versions 1.6.x through 1.9, when the Key Distribution Center (KDC) is run with the LDAP database backend. KDCs using the default DB2 backend are not exposed to this particular issue.
**Description**
When the KDC uses an LDAP backend, a remote attacker can cause a denial of service, specifically file descriptor exhaustion followed by a daemon hang, by sending a request for a principal name that contains a backslash escape sequence, such as a `\n` sequence. The impact of this issue is availability only. The distribution advisory that delivers the fix bundles it with other mit-krb5 vulnerabilities which, taken together, may lead to breaches of confidentiality, integrity, and availability of protected information and can be exploited remotely.
**Recommendations**
For affected versions (1.6.x through 1.9), update to a fixed release; the package version named in the advisory is 1.9.2-r1 or later. After updating, confirm the installed version with your package manager and restart the KDC so the running daemon is the patched one.
As a temporary workaround, restrict the use of backslash escape sequences in principal names to reduce the chance of accidental triggers. Note the limit of this workaround: the triggering name arrives in the attacker's request, so auditing the KDC's own database does not stop a deliberately crafted request. Only the update resolves the issue.
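The following Python script is an added example, not code from the advisory or from the krb5 project. It parses the quoted text form of MIT principal names (components separated by `/`, optional `@REALM`, backslash quoting of `/`, `@` and `\`, and `\n`, `\t`, `\b`, `\0` for control characters), reports which names carry an escape sequence such as the `\n` case above, and renders a name back to its quoted form to show how an escape appears on output. The parser, the realm quoting rule (simplified to match component quoting) and the sample principal list are assumptions of this example.

```python
"""Audit MIT Kerberos principal names for backslash escape sequences.

Text form (as printed by kadmin or klist): components separated by '/',
optional '@REALM' suffix. A backslash quotes the separator characters
'/', '@' and '\\', and encodes control characters as \n, \t, \b and \0.
Illustrative parser for auditing purposes, not the krb5 library's own code.
"""

# Escape letters that decode to a control character; any other escaped
# character (for example '\/' or '\@') decodes to itself.
CONTROL_ESCAPES = {"n": "\n", "t": "\t", "b": "\b", "0": "\0"}

# Inverse map used when rendering a name back to its quoted text form.
QUOTE_CHARS = {"\n": "n", "\t": "t", "\b": "b", "\0": "0",
               "/": "/", "@": "@", "\\": "\\"}


def parse_principal(text):
    """Split a quoted principal name into (components, realm, escapes).

    `escapes` lists every backslash sequence encountered, so a caller can
    tell that a name such as 'attacker\\n@EXAMPLE.COM' carries one.
    """
    components, escapes, buf = [], [], []
    in_realm = False
    i = 0
    while i < len(text):
        ch = text[i]
        if ch == "\\":
            if i + 1 >= len(text):
                raise ValueError("dangling backslash in principal name")
            nxt = text[i + 1]
            buf.append(CONTROL_ESCAPES.get(nxt, nxt))
            escapes.append("\\" + nxt)
            i += 2
            continue
        if not in_realm and ch == "/":
            components.append("".join(buf))
            buf = []
        elif ch == "@":
            if in_realm:
                raise ValueError("unquoted '@' inside realm")
            components.append("".join(buf))
            buf = []
            in_realm = True
        else:
            buf.append(ch)
        i += 1
    if in_realm:
        realm = "".join(buf)
    else:
        components.append("".join(buf))
        realm = None
    return components, realm, escapes


def unparse_principal(components, realm):
    """Render components/realm back to text, re-quoting special characters.

    Assumption of this example: the realm is quoted with the same rules as
    a component.
    """
    def quote(s):
        return "".join("\\" + QUOTE_CHARS[c] if c in QUOTE_CHARS else c
                       for c in s)

    text = "/".join(quote(c) for c in components)
    if realm is not None:
        text += "@" + quote(realm)
    return text


def has_escape(text):
    """True if the quoted name contains any backslash escape sequence."""
    return bool(parse_principal(text)[2])


def audit_principals(names):
    """Return (name, escapes) for every name that carries a backslash escape."""
    findings = []
    for name in names:
        _, _, escapes = parse_principal(name)
        if escapes:
            findings.append((name, escapes))
    return findings


# Constructed sample, shaped like the output of kadmin's listprincs.
SAMPLE_PRINCIPALS = [
    "host/kdc.example.com@EXAMPLE.COM",
    "alice@EXAMPLE.COM",
    "attacker\\n@EXAMPLE.COM",   # the \n case cited in the description
    "odd\\/name@EXAMPLE.COM",    # quoted component separator
    "K/M@EXAMPLE.COM",
]

if __name__ == "__main__":
    for name, escapes in audit_principals(SAMPLE_PRINCIPALS):
        print(f"{name}: escape sequences {escapes}")
```

Feed the script the output of `kadmin.local listprincs` (one name per line) to apply the workaround's check to a real database; a name that decodes to a component containing a newline is exactly the shape of the trigger described above.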