MIT.Kerberos.5.KDC.PCKP.NULL.Pointer.Dereference.DoS

description-logoDescription

This indicates an attack attempt against a Denial of Service vulnerability in MIT Kerberos 5 KDC server.
The vulnerability is due to an error in pkinit_check_kdc_pkid function when the vulnerable software handles malformed requests. A remote attacker may be able to exploit this to cause a denial of service condition to the vulnerable server, via a crafted request.

affected-products-logoAffected Products

MIT Kerberos 5 Prior to 1.11.1

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch, available from the website.
http://web.mit.edu/kerberos/krb5-1.11/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)