1
PublicDateAtUSN: 2011-12-06
2
Candidate: CVE-2011-1530
5
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-007.txt
6
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1530
7
https://usn.ubuntu.com/usn/usn-1290-1
9
The process_tgs_req function in do_tgs_req.c in the Key Distribution Center
10
(KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote
11
authenticated users to cause a denial of service (NULL pointer dereference
12
and daemon crash) via a crafted TGS request that triggers an error other
13
than the KRB5_KDB_NOENTRY error.
22
upstream: http://web.mit.edu/kerberos/advisories/2011-007-patch.txt
23
upstream_krb5: released (1.10+dfsg~alpha1-7)
24
hardy_krb5: not-affected (1.9.x only)
25
lucid_krb5: not-affected (1.9.x only)
26
maverick_krb5: not-affected (1.9.x only)
27
natty_krb5: not-affected (1.9.x only)
28
oneiric_krb5: released (1.9.1+dfsg-1ubuntu2.2)
29
devel_krb5: not-affected (1.10+dfsg~beta1-2)