FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

krb5 -- KDC denial of service vulnerability

Affected packages
		krb5-113	<	1.13.6
		krb5-114	<	1.14.3

Details

VuXML ID	62d45229-4fa0-11e6-9d13-206a8a720317
Discovery	2016-07-20
Entry	2016-07-21
Modified	2016-07-26

Major changes in krb5 1.14.3 and krb5 1.13.6:

Fix a rare KDC denial of service vulnerability when anonymous client principals are restricted to obtaining TGTs only [CVE-2016-3120] .

[source]

References

CVE Name	CVE-2016-3120
URL	http://web.mit.edu/kerberos/krb5-1.14/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.