VDB

GCVE-VVD-MAGEIA-2014-536

GCVE-VVD-MAGEIA-2014-536
Advisory Published
Vulnetix · Advisory published December 19, 2014
Updated krb5 packages fix security vulnerability: In MIT krb5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause a NULL dereference by attempting to use a named ticket policy object as a password policy for a principal. The attacker needs to be authenticated as a user who has the elevated privilege for setting password policy by adding or modifying principals (CVE-2014-5353).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiakrb50 (affected), 1.11.4-1.3.mga4 (unaffected)

References

Updated krb5 packages fix CVE-2014-5353
advisory
Updated krb5 packages fix CVE-2014-5353
issue
Updated krb5 packages fix CVE-2014-5353
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›