CVE - CVE-2011-0284

CVE-ID
CVE-2011-0284	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:46881 URL:http://www.securityfocus.com/bid/46881 BUGTRAQ:20110315 MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled URL:http://www.securityfocus.com/archive/1/517029/100/0/threaded CERT-VN:VU#943220 URL:http://www.kb.cert.org/vuls/id/943220 CONFIRM:http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt FEDORA:FEDORA-2011-3462 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056579.html FEDORA:FEDORA-2011-3464 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056573.html FEDORA:FEDORA-2011-3547 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056413.html MANDRIVA:MDVSA-2011:048 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2011:048~~ (Obsolete source) OSVDB:71183 URL:~~http://osvdb.org/71183~~ (Obsolete source) REDHAT:RHSA-2011:0356 URL:http://www.redhat.com/support/errata/RHSA-2011-0356.html SECTRACK:1025216 URL:http://securitytracker.com/id?1025216 SECUNIA:43700 URL:http://secunia.com/advisories/43700 SECUNIA:43760 URL:http://secunia.com/advisories/43760 SECUNIA:43783 URL:http://secunia.com/advisories/43783 SECUNIA:43881 URL:http://secunia.com/advisories/43881 SUSE:SUSE-SR:2011:005 URL:http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html UBUNTU:USN-1088-1 URL:http://www.ubuntu.com/usn/USN-1088-1 VUPEN:ADV-2011-0672 URL:~~http://www.vupen.com/english/advisories/2011/0672~~ (Obsolete source) VUPEN:ADV-2011-0673 URL:~~http://www.vupen.com/english/advisories/2011/0673~~ (Obsolete source) VUPEN:ADV-2011-0680 URL:~~http://www.vupen.com/english/advisories/2011/0680~~ (Obsolete source) VUPEN:ADV-2011-0722 URL:~~http://www.vupen.com/english/advisories/2011/0722~~ (Obsolete source) VUPEN:ADV-2011-0763 URL:~~http://www.vupen.com/english/advisories/2011/0763~~ (Obsolete source) XF:kerberos-perpareerroras-code-execution(66101) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/66101
Assigning CNA
MITRE Corporation
Date Record Created
20110103	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20110103)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)