CVE-2011-0281

Publication date 10 February 2011

Last updated 24 July 2024

Ubuntu priority

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
krb5	10.10 maverick	Fixed 1.8.1+dfsg-5ubuntu0.4
	10.04 LTS lucid	Fixed 1.8.1+dfsg-2ubuntu0.6
	9.10 karmic	Fixed 1.7dfsg~beta3-1ubuntu0.9
	8.04 LTS hardy	Fixed 1.6.dfsg.3~beta1-2ubuntu1.8
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1062-1
Kerberos vulnerabilities
15 February 2011

Other references

https://www.cve.org/CVERecord?id=CVE-2011-0281