Vulnerability details: VCID-xn5e-wsmu-aaaj
Vulnerability ID VCID-xn5e-wsmu-aaaj
Aliases CVE-2011-1529
Summary The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors.
Status Published
Exploitability 0.5
Weighted Severity 7.0
Risk 3.5
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2011:1379
epss 0.01954 https://api.first.org/data/v1/epss?cve=CVE-2011-1529
epss 0.02768 https://api.first.org/data/v1/epss?cve=CVE-2011-1529
epss 0.04989 https://api.first.org/data/v1/epss?cve=CVE-2011-1529
epss 0.50210 https://api.first.org/data/v1/epss?cve=CVE-2011-1529
epss 0.69115 https://api.first.org/data/v1/epss?cve=CVE-2011-1529
epss 0.73762 https://api.first.org/data/v1/epss?cve=CVE-2011-1529
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=737711
cvssv2 7.8 https://nvd.nist.gov/vuln/detail/CVE-2011-1529
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1529.json
https://api.first.org/data/v1/epss?cve=CVE-2011-1529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-006.txt
http://www.kb.cert.org/vuls/id/659251
http://www.mandriva.com/security/advisories?name=MDVSA-2011:159
http://www.mandriva.com/security/advisories?name=MDVSA-2011:160
http://www.redhat.com/support/errata/RHSA-2011-1379.html
646367 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
737711 https://bugzilla.redhat.com/show_bug.cgi?id=737711
cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*
CVE-2011-1529 https://nvd.nist.gov/vuln/detail/CVE-2011-1529
GLSA-201201-13 https://security.gentoo.org/glsa/201201-13
RHSA-2011:1379 https://access.redhat.com/errata/RHSA-2011:1379
USN-1233-1 https://usn.ubuntu.com/1233-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2011-1529
Exploit Prediction Scoring System (EPSS)
Percentile 0.819
EPSS Score 0.01954
Published At April 3, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.