Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Kerberos5 Multiple Integer Underflow Vulnerabilities
Information
Severity
Severity
Critical
Family
Family
Buffer overflow
CVSSv2 Base
CVSSv2 Base
10.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
14 years ago
Modified
Modified
5 years ago
Summary
This host is installed with Kerberos5 and is prone to multiple Integer Underflow vulnerability.
Insight
Insight
Multiple Integer Underflow due to errors within the 'AES' and 'RC4' decryption functionality in the crypto library in MIT Kerberos when processing ciphertext with a length that is too short to be valid.
Affected Software
Affected Software
kerberos5 version 1.3 to 1.6.3, and 1.7
Solution
Solution
Apply the patch mentioned in the advisories below. ***** NOTE: Ignore this warning if above mentioned patch is already applied. *****