REDHAT-BUG-1121876
First published: Tue Jul 22 2014(Updated: )
A double-free flaw was found in the MIT Kerberos SPNEGO initiators. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. It is reported that this issue affects version 1.10 and later. Upstream commit and further details: <a href="https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f">https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Kerberos | >=1.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-1121876?
The severity of REDHAT-BUG-1121876 is considered significant due to the potential for application crashes.
How do I fix REDHAT-BUG-1121876?
To fix REDHAT-BUG-1121876, you should update MIT Kerberos to a version later than 1.10.
Which versions are affected by REDHAT-BUG-1121876?
REDHAT-BUG-1121876 affects MIT Kerberos version 1.10 and later.
What is the nature of the vulnerability in REDHAT-BUG-1121876?
The vulnerability in REDHAT-BUG-1121876 is a double-free flaw that could be exploited to crash client applications.
Can an attacker exploit REDHAT-BUG-1121876 remotely?
Yes, an attacker can exploit REDHAT-BUG-1121876 via packet spoofing to crash a client application.
- collector/redhat-bugzilla
- alias/CVE-2014-4343
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/mit
- canonical/kerberos