MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability

MIT Kerberos is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference in the GSS-API library.

An attacker may exploit this issue to crash the kadmind service, resulting in denial-of-service conditions. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed.

MIT Kerberos 5 1.8.1 is vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus