ALAS-2012-114 --- krb5ID: oval:org.secpod.oval:def:1601275 | Date: (C)2020-11-27 (M)2021-09-11 |
Class: PATCH | Family: unix |
An uninitialized pointer use flaw was found in the way the MIT Kerberos KDC handled initial authentication requests . A remote, unauthenticated attacker could use this flaw to crash the KDC via a specially-crafted AS-REQ request. A NULL pointer dereference flaw was found in the MIT Kerberos administration daemon, kadmind. A Kerberos administrator who has the "create" privilege could use this flaw to crash kadmind
Platform: |
Amazon Linux AMI |