PT-2011-1167 · Mit · Mit Kerberos 5

Published

2011-10-20

Updated

2020-01-21

CVE-2011-4151

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions MIT Kerberos 5 versions 1.8 through 1.8.4 MIT Kerberos 5 versions prior to 1.9.2

Description The issue affects the Key Distribution Center (KDC) in MIT Kerberos 5 when the db2 back end is used, allowing remote attackers to cause a denial of service via unspecified vectors. Multiple vulnerabilities in the mit-krb5 package can lead to violations of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For versions 1.8 through 1.8.4, update to a version later than 1.8.4 to resolve the issue. For versions prior to 1.9.2, update to version 1.9.2 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2015-09426

CVE-2011-4151

Affected Products

Mit Kerberos 5

PT-2011-1167 · Mit · Mit Kerberos 5

CVE-2011-4151

Weakness Enumeration

Related Identifiers

Affected Products

References · 9