Vulnerabilities

CVE-2015-2697

by Fred · 08/11/2015

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial ‘’ character in a long realm field within a TGS request.

Date published : 2015-11-08

http://www.securityfocus.com/bid/77581

http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252

Similar

Tags: Cybersecurity Alert