PT-2019-4684 · Red Hat+2 · Red Hat+2

Robbie Harwood

Publicado

2019-09-26

Atualizado

2023-02-12

CVE-2019-14844

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Fedora versions 1.16.1 through 1.17.x Red Hat Enterprise Linux (affected versions not specified)

Description The issue exists due to insufficient input validation in the implementation of the Kerberos protocol. It may allow a remote attacker to cause a denial of service. A remote unauthenticated user could exploit this by sending specific RFC 4556 "enctypes" to crash the KDC.

Recommendations For Fedora versions 1.16.1 through 1.17.x, update to a version that includes the fix for this issue. For Red Hat Enterprise Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-628

Identificadores relacionados

ALT-PU-2020-2345

ALT-PU-2020-3405

ALT-PU-2021-2079

BDU:2020-01056

CVE-2019-14844

Produtos afetados

Alt Linux

Fedora

Red Hat

PT-2019-4684 · Red Hat+2 · Red Hat+2

CVE-2019-14844

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14