Showing 1 - 4 of 4

CVE-2011-0284

Status Candidate

Overview

Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data.

Related Files

Gentoo Linux Security Advisory 201201-13: Posted Jan 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201201-13 - Multiple vulnerabilities have been found in MIT Kerberos 5, the most severe of which may allow remote execution of arbitrary code. Versions less than 1.9.2-r1 are affected.; tags | advisory, remote, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2009-3295, CVE-2009-4212, CVE-2010-0283, CVE-2010-0629, CVE-2010-1320, CVE-2010-1321, CVE-2010-1322, CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, CVE-2010-4021, CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, CVE-2011-0283, CVE-2011-0284, CVE-2011-0285, CVE-2011-1527, CVE-2011-1528, CVE-2011-1529, CVE-2011-1530, CVE-2011-4151; SHA-256 | 5fe5b981b497ad572aa4e53428ce29f2dcd53be74dc124715f4b3cff09100dd9; Download | Favorite | View

Mandriva Linux Security Advisory 2011-048: Posted Mar 18, 2011; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2011-048 - The MIT Kerberos 5 Key Distribution Center daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication capability is enabled, resulting in daemon crash or arbitrary code execution. The updated packages have been patched to correct this issue.; tags | advisory, arbitrary, code execution; systems | linux, mandriva; advisories | CVE-2011-0284; SHA-256 | 8f16e65acd90e46a20687b79671d9368ac8dab31b74ae57187de4029b78a1b7b; Download | Favorite | View

MIT krb5 Security Advisory 2011-003: Posted Mar 16, 2011; Site web.mit.edu; MIT krb5 Security Advisory 2011-003 - The MIT Kerberos 5 Key Distribution Center (KDC) daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication (PKINIT) capability is enabled, resulting in daemon crash or arbitrary code execution (which is believed to be difficult).; tags | advisory, arbitrary, code execution; advisories | CVE-2011-0284; SHA-256 | b0ca25ea27a1f31338f24d60a05c7d8d56f653b8316aaf2ac49d655c3abd9ae7; Download | Favorite | View

Ubuntu Security Notice USN-1088-1: Posted Mar 16, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1088-1 - Cameron Meadors discovered that the MIT Kerberos 5 Key Distribution Center (KDC) daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication (PKINIT) capability is enabled. This could allow a remote attacker to cause a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2011-0284; SHA-256 | eb748ff1ea1b858e0d288934566d4d38ddd39892f0b180a86f346cc403fd7926; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2011-0284

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems