CVE-2011-0284
Published: Mar 20, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Type | Source tag |
|---|---|---|
| ADV-2011-0680 | vdb-entry | x_refsource_VUPEN |
| VU#943220 | third-party-advisory | x_refsource_CERT-VN |
| ADV-2011-0673 | vdb-entry | x_refsource_VUPEN |
| 46881 | vdb-entry | x_refsource_BID |
| FEDORA-2011-3462 | vendor-advisory | x_refsource_FEDORA |
| http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt | | x_refsource_CONFIRM |
| kerberos-perpareerroras-code-execution(66101) | vdb-entry | x_refsource_XF |
| SUSE-SR:2011:005 | vendor-advisory | x_refsource_SUSE |
| ADV-2011-0722 | vdb-entry | x_refsource_VUPEN |
| ADV-2011-0763 | vdb-entry | x_refsource_VUPEN |
| USN-1088-1 | vendor-advisory | x_refsource_UBUNTU |
| FEDORA-2011-3547 | vendor-advisory | x_refsource_FEDORA |
| FEDORA-2011-3464 | vendor-advisory | x_refsource_FEDORA |
| 43700 | third-party-advisory | x_refsource_SECUNIA |
| MDVSA-2011:048 | vendor-advisory | x_refsource_MANDRIVA |
| RHSA-2011:0356 | vendor-advisory | x_refsource_REDHAT |
| ADV-2011-0672 | vdb-entry | x_refsource_VUPEN |
| 43783 | third-party-advisory | x_refsource_SECUNIA |
| 43760 | third-party-advisory | x_refsource_SECUNIA |
| 71183 | vdb-entry | x_refsource_OSVDB |
| 20110315 MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled | mailing-list | x_refsource_BUGTRAQ |
| 1025216 | vdb-entry | x_refsource_SECTRACK |
| 43881 | third-party-advisory | x_refsource_SECUNIA |