CVE-2019-14844

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Fedora versions 1.16.1 through 1.17.x Red Hat Enterprise Linux (affected versions not specified)

Description The issue exists due to insufficient input validation in the implementation of the Kerberos protocol. It may allow a remote attacker to cause a denial of service. A remote unauthenticated user could exploit this by sending specific RFC 4556 "enctypes" to crash the KDC.

Recommendations For Fedora versions 1.16.1 through 1.17.x, update to a version that includes the fix for this issue. For Red Hat Enterprise Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-628

Related Identifiers

ALT-PU-2020-2345

ALT-PU-2020-3405

ALT-PU-2021-2079

BDU:2020-01056

CVE-2019-14844

Affected Products

Alt Linux

Fedora

Red Hat

CVE-2019-14844

Weakness Enumeration

Related Identifiers

Affected Products

References · 14