F5 Networks BIG-IP : MIT Kerberos 5 vulnerability (K15552)
Medium Nessus Plugin ID 105735
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionMIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
A remote attacker may be able to cause a denial of service (DoS) by injecting invalid tokens into a GSSAPI application session.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K15552.