Threat Encyclopedia

MIT.Kerberos.5.kadmind.Null.Pointer.DoS

description-logoDescription

This indicates an attack attempt against a Denial-of-Service vulnerability in MIT Kerberos.
The vulnerability is caused by improper boundary checking in the logging function of the Kerberos Administration Server (kadmind). A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.

affected-products-logoAffected Products

MIT Kerberos 5 1.14.x to 1.14.1
MIT Kerberos 5 1.13.4

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://diswww.mit.edu:8008/menelaus.mit.edu/cvs-krb5/29335

CVE References

CVE-2016-3119