MIT Kerberos KDC 'kdc_authdata.c' NULL Pointer Denial Of Service Vulnerability
MIT Kerberos is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference error.
To exploit this issue, an attacker sends a specially crafted Ticket Granting Server (TGS) request message to a vulnerable KDC service.
An authenticated attacker can exploit this issue to crash the KDC service, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible; this has not been confirmed.
MIT Kerberos 5 1.8 through 1.8.3 are vulnerable.