Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MIT Kerberos 资源管理错误漏洞
Vulnerability Description
MIT Kerberos是美国麻省理工学院(MIT)的一个用于在网络集群中进行身份验证的软件。Kerberos 同时作为一种网络认证协议,其设计目标是通过密钥系统为客户机 / 服务器应用程序提供强大的认证服务。 MIT Kerberos 5( krb5)1.21.2 之前版本存在安全漏洞,该漏洞源于kdc/do_tgs_req.c 中具有双重释放,如果经过身份验证的用户触发授权数据处理失败,则导致该双重释放。
CVSS Information
N/A
Vulnerability Type
N/A