CVE-2014-4345

Advisory lineage Upstream: 0 Downstream: 10

Downstream

DEBIAN-CVE-2014-4345 DLA-37-1 DSA-3000-1 MGASA-2014-0345 OPENSUSE-SU-2024:10004-1 RHSA-2014:1255

Modified

Published: 14 Aug 2014, 01:00

Last modified:06 Aug 2024, 11:12

Vulnerability Summary

Overall Risk (default)

medium

36/100

CVSS Score

8.5 HIGH

v2.0 (nvd)

EPSS Score

11.3% MEDIUM

11% probability -1.37%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

14 Aug 2014, 01:00

Published

Vulnerability first disclosed

06 Aug 2024, 11:12

Last Modified

Vulnerability information updated

Description

Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.

CVSS Metrics

v2.0•HIGH•Score: 8.5AV:N/AC:M/Au:S/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 11.30%• Percentile: 94%

Techniques & Countermeasures

CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.

Affected Systems

mit•kerberos_5
1.6 | 1.6.1 | 1.6.2 | 1.7 | 1.7.1 | 1.8 | 1.8.1 | 1.8.2 | 1.8.3 | 1.8.4 | 1.8.5 | 1.8.6 | 1.9 | 1.9.1 | 1.9.2 | 1.9.3 | 1.9.4 | 1.10 | 1.10.1 | 1.10.2 | 1.10.3 | 1.10.4 | 1.11 | 1.11.1 | 1.11.2 | 1.11.3 | 1.11.4 | 1.11.5 | 1.12 | 1.12.1