CVE-2003-0058

Name of the Vulnerable Software and Affected Versions krb5-workstation versions 1.1.1 through 1.2.2 krb5-devel versions 1.1.1 through 1.2.2 krb5-configs version 1.1.1 krb5-server versions 1.1.1 through 1.2.2 krb5-libs version 1.1.1 MIT Kerberos V5 Key Distribution Center (KDC) versions prior to 1.2.5

Description The issue affects the confidentiality, integrity, and availability of protected information. Exploitation of the vulnerabilities can be done remotely. The MIT Kerberos V5 Key Distribution Center (KDC) is vulnerable to a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

Recommendations For krb5-workstation versions 1.1.1 through 1.2.2, update to a version later than 1.2.2. For krb5-devel versions 1.1.1 through 1.2.2, update to a version later than 1.2.2. For krb5-configs version 1.1.1, update to a version later than 1.1.1. For krb5-server versions 1.1.1 through 1.2.2, update to a version later than 1.2.2. For krb5-libs version 1.1.1, update to a version later than 1.1.1. For MIT Kerberos V5 Key Distribution Center (KDC) versions prior to 1.2.5, update to version 1.2.5 or later.