CVE-2011-0281 in Kerberosinfo

Summary

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

01/03/2011

Disclosure

02/10/2011

Moderation

VulDB entry created

Entries

VDB-56438 (1)

CPE

ready

CWE

CWE-310 (Confirmed)

CVSS

5.3

EPSS

0.10754

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-0281
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-0281
CVE Details	https://www.cvedetails.com/cve/CVE-2011-0281/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!