CVE-2014-4341
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.1445 (14.5%)
Percentil: 94.5%
EPSS: 2026-05-06
Afecta
mit:kerberos_5redhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_eusredhat:enterprise_linux_tusredhat:enterprise_linux_workstationdebian:debian_linuxfedoraproject:fedoraDescripción técnica
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
Publicada: 20/7/2014, 11:12:50
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://advisories.mageia.org/MGASA-2014-0345.html
- http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc
- http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949
- http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html
- http://rhn.redhat.com/errata/RHSA-2015-0439.html
- http://secunia.com/advisories/59102
- http://secunia.com/advisories/60082
- http://secunia.com/advisories/60448