Search for vulnerabilities
Vulnerability details: VCID-a8g2-gyjr-aaaq
Vulnerability ID VCID-a8g2-gyjr-aaaq
Aliases CVE-2011-1530
Summary The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-399 Resource Management Errors
CWE-476 NULL Pointer Dereference
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2011:1790
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.0088 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01319 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.01452 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.61469 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.61469 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.68094 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
epss 0.68094 https://api.first.org/data/v1/epss?cve=CVE-2011-1530
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=753748
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2011-1530
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1530.json
https://api.first.org/data/v1/epss?cve=CVE-2011-1530
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1530
http://secunia.com/advisories/47124
http://securitytracker.com/id?1026374
https://exchange.xforce.ibmcloud.com/vulnerabilities/71655
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-007.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2011:184
http://www.redhat.com/support/errata/RHSA-2011-1790.html
http://www.securityfocus.com/archive/1/520756/100/0/threaded
http://www.securityfocus.com/bid/50929
753748 https://bugzilla.redhat.com/show_bug.cgi?id=753748
cpe:2.3:a:mit:mit_kerberos:5.1.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:mit_kerberos:5.1.9:*:*:*:*:*:*:*
cpe:2.3:a:mit:mit_kerberos:5.1.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:mit_kerberos:5.1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:mit_kerberos:5.1.9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:mit_kerberos:5.1.9.2:*:*:*:*:*:*:*
CVE-2011-1530 https://nvd.nist.gov/vuln/detail/CVE-2011-1530
GLSA-201201-13 https://security.gentoo.org/glsa/201201-13
RHSA-2011:1790 https://access.redhat.com/errata/RHSA-2011:1790
USN-1290-1 https://usn.ubuntu.com/1290-1/
No exploits are available.
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2011-1530
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.73243
EPSS Score 0.0088
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.