Unrated severityNVD Advisory· Published Dec 8, 2011· Updated Apr 29, 2026

CVE-2011-1530

Description

The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error.

Affected products

Mit/Kerberos3 versions
cpe:2.3:a:mit:mit_kerberos:5.1.9:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:mit:mit_kerberos:5.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:mit:mit_kerberos:5.1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:mit_kerberos:5.1.9.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-007.txtnvdPatch
secunia.com/advisories/47124nvdVendor Advisory
securitytracker.com/idnvd
www.mandriva.com/security/advisoriesnvd
www.redhat.com/support/errata/RHSA-2011-1790.htmlnvd
www.securityfocus.com/archive/1/520756/100/0/threadednvd
www.securityfocus.com/bid/50929nvd
exchange.xforce.ibmcloud.com/vulnerabilities/71655nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000