18 Fév 2015
Vulnerability Details : CVE-2014-9422
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
Publish Date : 2015-02-19 Last Update Date : 2015-03-11
- CVSS Scores & Vulnerability Types
- Related OVAL Definitions
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.
- Products Affected By CVE-2014-9422
- Number Of Affected Versions By Product
- References For CVE-2014-9422
- Metasploit Modules Related To CVE-2014-9422
There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information)