Debian DSA-2379-1 : krb5 - several vulnerabilities

high Nessus Plugin ID 57519


The remote Debian host is missing a security-related update.


It was discovered that the Key Distribution Center (KDC) in Kerberos 5 crashes when processing certain crafted requests:

- CVE-2011-1528: When the LDAP backend is used, remote users can trigger a KDC daemon crash and denial of service.

- CVE-2011-1529: When the LDAP or Berkeley DB backend is used, remote users can trigger a NULL pointer dereference in the KDC daemon and a denial of service.

The oldstable distribution (lenny) is not affected by these problems.


Upgrade the krb5 packages.

For the stable distribution (squeeze), these problems have been fixed in version 1.8.3+dfsg-4squeeze5.

Plugin Details

Severity: High

ID: 57519

File Name: debian_DSA-2379.nasl

Version: 1.13

Type: local

Agent: unix

Published: 1/12/2012

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent

Risk Information


Risk Factor: Low

Score: 3.6


Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:krb5, cpe:/o:debian:debian_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 1/4/2012

Reference Information

CVE: CVE-2011-1528, CVE-2011-1529

BID: 50273

DSA: 2379