CVE-2015-2696 (retired)

Priority
Description
lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on
an inappropriate context handle, which allows remote attackers to cause a
denial of service (incorrect pointer read and process crash) via a crafted
IAKERB packet that is mishandled during a gss_inquire_context call.
Notes
 tyhicks> Upstream fix caused a new security issue (CVE-2015-2698)
Assigned-to
mdeslaur
More Information

Updated: 2019-09-19 15:53:12 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)