CVE-2011-0281

Severity

50%

Complexity

99%

Confidentiality

48%

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

Mit Kerberos 5

First reported 14 years ago

2011-02-10 18:00:00

Last updated 5 years ago

2020-01-21 15:46:00

Affected Software

Mit Kerberos 5 1.6

1.6

Mit Kerberos 5 1.6.1

1.6.1

Mit Kerberos 5 1.6.2

1.6.2

Mit Kerberos 5 1.7

1.7

Mit Kerberos 5 1.7.1

1.7.1

Mit Kerberos 5 1.8

1.8

Mit Kerberos 5 1.8.1

1.8.1

Mit Kerberos 5 1.8.2

1.8.2

Mit Kerberos 5 1.8.3

1.8.3

Mit Kerberos 5 1.9

1.9

References

SUSE-SR:2011:004

[kerberos] 20101222 LDAP handle unavailable: Can't contact LDAP server

43260

Vendor Advisory

43273

Vendor Advisory

43275

Vendor Advisory

46397

8073

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt

Vendor Advisory

MDVSA-2011:024

MDVSA-2011:025

RHSA-2011:0199

RHSA-2011:0200

20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]

20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console

46265

1025037

http://www.vmware.com/security/advisories/VMSA-2011-0012.html

ADV-2011-0330

Vendor Advisory

ADV-2011-0333

Vendor Advisory

ADV-2011-0347

Vendor Advisory

ADV-2011-0464

kerberos-ldap-descriptor-dos(65324)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.