VDB

GCVE-110-MAGEIA-2014-345

GCVE-110-MAGEIA-2014-345
Advisory Published
Vulnetix · Advisory published August 22, 2014
MIT Kerberos 5 allows attackers to cause a denial of service via a buffer over-read or NULL pointer dereference, by injecting invalid tokens into a GSSAPI application session (CVE-2014-4341, CVE-2014-4342). MIT Kerberos 5 allows attackers to cause a denial of service via a double-free flaw or NULL pointer dereference, while processing invalid SPNEGO tokens (CVE-2014-4343, CVE-2014-4344). In MIT Kerberos 5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow) (CVE-2014-4345).

Affected Products

VendorProductVersionsPlatforms
Mageiakrb50 (affected), 1.11.4-1.1.mga4 (unaffected)
Mageiakrb50 (affected), 1.11.1-1.4.mga3 (unaffected)

Browse GCVE Records

73,393 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›