Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
MIT krb5 安全漏洞
Vulnerability Description
MIT krb5(MIT Kerberos 5)是美国麻省理工(Massachusetts Institute Of Technology)大学的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。 MIT krb5存在安全漏洞,该漏洞源于增量传播Iprop日志文件中的缓冲区溢出,可能导致拒绝服务和代码执行。
CVSS Information
N/A
Vulnerability Type
N/A