AVG-414

Package krb5
Status Fixed
Severity High
Type multiple issues
Affected 1.15.1-1
Fixed 1.15.2-1
Current 1.16.1-1 [core]
Ticket None
Created Mon Sep 25 21:15:25 2017
Issue Severity Remote Type Description
CVE-2017-11462 High Yes Arbitrary code execution
A double free vulnerability has been discovered in MIT Kerberos 5 (aka krb5) allowing attackers to crash the application or possibly execute arbitrary code...
CVE-2017-11368 Medium Yes Denial of service
A denial of service flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to exit with an assertion...
Date Advisory Package Description
05 Oct 2017 ASA-201710-8 krb5 multiple issues
References
https://web.mit.edu/kerberos/krb5-1.15/