PT-2014-1773 · Mit · Mit Kerberos 5

Published 2014-07-20 · Updated 2024-06-15 · CVE-2014-4342

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: MIT Kerberos 5 (aka krb5) versions 1.7.x through 1.12.x before 1.12.2
Description: The issue allows remote attackers to cause a denial of service by injecting invalid tokens into a GSSAPI application session, potentially leading to a buffer over-read or NULL pointer dereference and an application crash. It can be exploited by a remote attacker who has already passed the authentication procedure, potentially disrupting the confidentiality, integrity, and availability of protected information.
Recommendations: For versions 1.7.x through 1.12.x before 1.12.2, update to version 1.12.2 or later to resolve the issue. As a temporary workaround, consider restricting access to GSSAPI application sessions to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

Double Free


Weakness Enumeration

Related identifiers

ALT-PU-2014-2418
BDU:2015-01984
CESA-2014_1389
CESA-2015_0439
CVE-2014-4342
DLA-37-1
DSA-3000-1
MGASA-2014-0345
OPENSUSE-SU-2024:10004-1
RHSA-2014:1389
RHSA-2014_1389
RHSA-2015:0439
RHSA-2015_0439
USN-2310-1

Affected products

Alt Linux
Centos
Mit Kerberos 5
Red Hat
Suse
Ubuntu