MDVSA-2011:160 -- Mandriva krb5ID: oval:org.secpod.oval:def:301104 | Date: (C)2012-01-07 (M)2021-09-11 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in krb5: The krb5_ldap_lockout_audit function in the Key Distribution Center in MIT Kerberos 5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service via unspecified vectors, related to the locked_check_p function . The lookup_lockout_policy function in the Key Distribution Center in MIT Kerberos 5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 or LDAP back end is used, allows remote attackers to cause a denial of service via vectors that trigger certain process_as_req errors . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2010.1 |