公告ID: KYLIN-2019-14844
安全等级: 重要
产品: Kylin V3
发布日期: 2019年9月26日
CVE: CVE-2019-14844
CVSS3评分: 7.5
概述:
This flaw affects the krb5 server only; client-side packages are not affected. This flaw does not affect any krb5 packages shipped with Kylin products. 描述:
A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC. A flaw was found in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.4.x
受影响包列表:
krb5
krb5
krb5
krb5