lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-340-1 | krb5 security update |
![]() |
DSA-3395-1 | krb5 security update |
![]() |
EUVD-2015-2785 | lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. |
![]() |
USN-2810-1 | Kerberos vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T05:24:38.496Z
Reserved: 2015-03-24T00:00:00
Link: CVE-2015-2695

No data.

Status : Deferred
Published: 2015-11-09T03:59:00.107
Modified: 2025-04-12T10:46:40.837
Link: CVE-2015-2695


No data.