Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2011-0281
Beschreibung:The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
Test Kennungen: 1.3.6.1.4.1.25623.1.0.68842   1.3.6.1.4.1.25623.1.0.68884   1.3.6.1.4.1.25623.1.0.68885   1.3.6.1.4.1.25623.1.0.69205   1.3.6.1.4.1.25623.1.0.69597   1.3.6.1.4.1.25623.1.0.881341   1.3.6.1.4.1.25623.1.0.880501   1.3.6.1.4.1.25623.1.0.870723   1.3.6.1.4.1.25623.1.0.870391  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2011-0281
BugTraq ID: 46265
http://www.securityfocus.com/bid/46265
Bugtraq: 20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283] (Google Search)
http://www.securityfocus.com/archive/1/516299/100/0/threaded
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2011:024
http://www.mandriva.com/security/advisories?name=MDVSA-2011:025
http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html
RedHat Security Advisories: RHSA-2011:0199
http://www.redhat.com/support/errata/RHSA-2011-0199.html
RedHat Security Advisories: RHSA-2011:0200
http://www.redhat.com/support/errata/RHSA-2011-0200.html
http://www.securitytracker.com/id?1025037
http://secunia.com/advisories/43260
http://secunia.com/advisories/43273
http://secunia.com/advisories/43275
http://secunia.com/advisories/46397
http://securityreason.com/securityalert/8073
SuSE Security Announcement: SUSE-SR:2011:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html
http://www.vupen.com/english/advisories/2011/0330
http://www.vupen.com/english/advisories/2011/0333
http://www.vupen.com/english/advisories/2011/0347
http://www.vupen.com/english/advisories/2011/0464
XForce ISS Database: kerberos-ldap-descriptor-dos(65324)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65324




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.