|
|||
Release Date:2015/04/28
Attack Name:DOS MIT Kerberos 5 recvauth Invalid Memory Access -1 (CVE-2014-5355)
Severity:
BUG ID:
CVE ID:
Description:
|
The vulnerability occurs when recvauth_common() calls krb5_read_message() to receive and process a crafted message causing it to return an invalid string that later causes a NULL pointer dereference or an attempt to read beyond the end of a buffer.
Impact:Denial of service
Affected System:Linux, FreeBSD, Solaris, Other Unix
Additional References:CVE-2014-5355
Solution:
|
Update vendor's patch.