Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MIT Kerberos 缓冲区错误漏洞
Vulnerability Description
MIT Kerberos是美国麻省理工学院(MIT)的一个用于在网络集群中进行身份验证的软件。Kerberos 同时作为一种网络认证协议,其设计目标是通过密钥系统为客户机 / 服务器应用程序提供强大的认证服务。 MIT Kerberos 5 1.20.2之前版本、1.21.x版本至1.21.1之前版本存在安全漏洞,该漏洞源于lib/kadm5/kadm_rpc_xdr.c释放未初始化的指针,导致kadmind崩溃。
CVSS Information
N/A
Vulnerability Type
N/A