Overview
- Description
- The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Evaluator
- Comment
- <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D554BDC-CD7D-4572-B1E8-5F627F2C5916"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65BCD38A-33AD-4FD7-AF5B-8470B24C4139"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E11F9209-799A-428B-9513-DBD0F19C7BF4"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DA40FAA-B858-4282-8438-247E99FBB002"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65795542-D886-46C4-8ECB-4630078DF66A"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0A4C436-C3D7-469E-8895-8EEC9569EE86"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79A9FAE9-7219-4D6A-9E94-FFE20223537D"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA68BC90-FCFC-4C9B-8574-9029DB2358E9"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D0A28CB-173D-4676-B083-E3718213B840"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "169D00BD-344F-453C-BE7C-9DF0740080BB"
}
],
"operator": "OR"
}
]
}
]