BDU:2024-02699

BDU

High

Уязвимость компонента /krb5/src/lib/rpc/pmap_rmt.c реализации сетевого протокола Kerberos связана с ошибками освобождения памяти. Эксплуата…

CVSS

7.5

High

EPSS

0.00

Published

2024-01-01

Updated

2024-01-01

Description

Уязвимость компонента /krb5/src/lib/rpc/pmap_rmt.c реализации сетевого протокола Kerberos связана с ошибками освобождения памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Tags · CWE

Pre-auth

Affected products

Mit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosMit KerberosNovell inc. Suse enterprise storageNovell inc. Suse enterprise storage

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Timeline

2024-01-01

Published

2024-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: N

None (N)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Novell

Suse Linux Enterprise High Performance Computing Suse Linux Enterprise Module For Basesystem Suse Enterprise Storage Suse Manager Proxy Suse Manager Server Suse Linux Enterprise Micro Suse Manager Retail Branch Server Suse Linux Enterprise Module For Server Applications

Mit

Kerberos

Product	Vendor	Status
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
kerberos	mit	Tracked
suse enterprise storage	novell inc.	Tracked
suse enterprise storage	novell inc.	Tracked

Showing first 20 of 306

Source databases

BDU

Related vulnerabilities

CVE-2024-26458

External references

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26458@https://security-tracker.debian.org/tracker/CVE-2024-26458@https://www.suse.com/security/cve/CVE-2024-26458.html@https://security.snyk.io/vuln/SNYK-SLES152-KRB5CLIENT-6501660@https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md@http://repo.red-soft.ru/redos/7.3c/x86_64/updates/@https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD