mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-27 13:20:31 +01:00
867 B
867 B
CVE-2015-2697
Description
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.