Vulnerability details: VCID-9r1d-v4s9-aaab
Vulnerability ID VCID-9r1d-v4s9-aaab
Aliases CVE-2011-1528
Summary The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. NOTE: the Berkeley DB vector is covered by CVE-2011-4151.
Status Published
Exploitability 0.5
Weighted Severity 7.0
Risk 3.5
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2011:1379
epss 0.02955 https://api.first.org/data/v1/epss?cve=CVE-2011-1528
epss 0.03587 https://api.first.org/data/v1/epss?cve=CVE-2011-1528
epss 0.04470 https://api.first.org/data/v1/epss?cve=CVE-2011-1528
epss 0.0641 https://api.first.org/data/v1/epss?cve=CVE-2011-1528
epss 0.11565 https://api.first.org/data/v1/epss?cve=CVE-2011-1528
epss 0.14701 https://api.first.org/data/v1/epss?cve=CVE-2011-1528
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=737711
cvssv2 7.8 https://nvd.nist.gov/vuln/detail/CVE-2011-1528
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1528.json
https://api.first.org/data/v1/epss?cve=CVE-2011-1528
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/715579
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-006.txt
http://www.kb.cert.org/vuls/id/659251
http://www.mandriva.com/security/advisories?name=MDVSA-2011:159
http://www.mandriva.com/security/advisories?name=MDVSA-2011:160
http://www.redhat.com/support/errata/RHSA-2011-1379.html
646367 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
737711 https://bugzilla.redhat.com/show_bug.cgi?id=737711
cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*
CVE-2011-1528 https://nvd.nist.gov/vuln/detail/CVE-2011-1528
GLSA-201201-13 https://security.gentoo.org/glsa/201201-13
RHSA-2011:1379 https://access.redhat.com/errata/RHSA-2011:1379
USN-1233-1 https://usn.ubuntu.com/1233-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2011-1528
Exploit Prediction Scoring System (EPSS)
Percentile 0.85293
EPSS Score 0.02955
Published At April 3, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.