1. Home
  2. CVE Database
  3. CVE-2011-0281
MEDIUM · 5.0

CVE-2011-0281

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file...

Vulnerability Description

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:N/A:P
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL

Affected Products

VendorProductVersions
MitKerberos5-1.6.3
MitKerberos 51.6

Related Weaknesses (CWE)

CWE-310

References

FAQ

What is CVE-2011-0281?

CVE-2011-0281 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file...

How severe is CVE-2011-0281?

CVE-2011-0281 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-0281?

Check the references section above for vendor advisories and patch information. Affected products include: Mit Kerberos, Mit Kerberos 5.