PublicDateAtUSN: 2011-10-18
Candidate: CVE-2011-1528
PublicDate: 2011-10-20 21:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528
 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-006.txt
 https://ubuntu.com/security/notices/USN-1233-1
Description:
 The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC)
 in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when
 the LDAP back end is used, allows remote attackers to cause a denial of
 service (assertion failure and daemon exit) via unspecified vectors,
 related to the locked_check_p function.  NOTE: the Berkeley DB vector is
 covered by CVE-2011-4151.
Ubuntu-Description: 
Notes: 
 sbeattie> CRD Tuesday, 18 October 2011, at 14:00 US/Eastern time
 sbeattie> 1.8 and 1.9 only
Bugs: 
 https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/715579
Priority: medium
Discovered-by: Mark Deneen
Assigned-to: 
CVSS: 

Patches_krb5:
 upstream: http://web.mit.edu/kerberos/advisories/2011-006-patch-r18.txt
upstream_krb5: needs-triage
hardy_krb5: not-affected
lucid_krb5: released (1.8.1+dfsg-2ubuntu0.10)
maverick_krb5: released (1.8.1+dfsg-5ubuntu0.8)
natty_krb5: released (1.8.3+dfsg-5ubuntu2.2)
oneiric_krb5: released (1.9.1+dfsg-1ubuntu1.1)
devel_krb5: not-affected (1.9.1+dfsg-1ubuntu2.1)