CVE-2012-1014

Related Files

Gentoo Linux Security Advisory 201312-12

Posted Dec 17, 2013

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-12 - Multiple vulnerabilities have been discovered in MIT Kerberos 5, allowing execution of arbitrary code or Denial of Service. Versions less than 1.11.4 are affected.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2002-2443, CVE-2012-1014, CVE-2012-1015, CVE-2013-1416, CVE-2013-1417, CVE-2013-1418, CVE-2013-6800

SHA-256 | 2889e0196fe0b9aaeb676d58c3158d721d6a9e4252a764b323f60b1d630fde77

Download | Favorite | View

Debian Security Advisory 2518-1

Posted Aug 1, 2012

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2518-1 - Emmanuel Bouillon from NCI Agency discovered multiple vulnerabilities in MIT Kerberos, a daemon implementing the network authentication protocol.

tags | advisory, vulnerability, protocol

systems | linux, debian

advisories | CVE-2012-1014, CVE-2012-1015

SHA-256 | c345c3a09eb83c7948689c2f863b0f6c17f32c2ddaaa2bf52d96090953f5df04

Download | Favorite | View

MIT krb5 Security Advisory 2012-001

Posted Aug 1, 2012

Site web.mit.edu

MIT krb5 Security Advisory 2012-001 - The MIT krb5 KDC (Key Distribution Center) daemon can free an uninitialized pointer while processing an unusual AS-REQ, corrupting the process heap and possibly causing the daemon to abnormally terminate. An attacker could use this vulnerability to execute malicious code, but exploiting frees of uninitialized pointers to execute code is believed to be difficult. It is possible that a legitimate client that is misconfigured in an unusual way could trigger this vulnerability. The MIT krb5 KDC daemon can dereference an uninitialized pointer while processing a malformed AS-REQ, causing the daemon to abnormally terminate. This vulnerability could theoretically lead to the execution of malicious code, but that is believed to be very difficult.

tags | advisory

advisories | CVE-2012-1014, CVE-2012-1015

SHA-256 | c6e678cd6912090035d37e0e943e9a727bca5c72a814f85c04f9e97cff64c21e

Download | Favorite | View

Ubuntu Security Notice USN-1520-1

Posted Jul 31, 2012

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1520-1 - Emmanuel Bouillon discovered that the MIT krb5 Key Distribution Center (KDC) daemon could free an uninitialized pointer when handling a malformed AS-REQ message. A remote unauthenticated attacker could use this to cause a denial of service or possibly execute arbitrary code. Emmanuel Bouillon discovered that the MIT krb5 Key Distribution Center (KDC) daemon could dereference an uninitialized pointer while handling a malformed AS-REQ message. A remote unauthenticated attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2012-1015, CVE-2012-1014, CVE-2012-1013, CVE-2012-1012, CVE-2012-1012, CVE-2012-1013, CVE-2012-1014, CVE-2012-1015

SHA-256 | 230d2bccf2e221f779ebacf8edcc34a5fd7d0176f42f3af106b6b41e010163fd

Download | Favorite | View