Unrated severityNVD Advisory· Published Aug 14, 2014· Updated Jun 17, 2026
CVE-2014-4345
CVE-2014-4345
Description
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*+ 30 more
- cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*
- (no CPE)range: <1.11.6 (1.6.x-1.11.x), <1.12.2 (1.12.x)
Patches
Vulnerability mechanics
References
30- web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txtnvdVendor Advisory
- advisories.mageia.org/MGASA-2014-0345.htmlnvd
- kb.juniper.net/InfoCenter/indexnvd
- krbdev.mit.edu/rt/Ticket/Display.htmlnvd
- linux.oracle.com/errata/ELSA-2014-1255.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2014-August/136640.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2014-August/137056.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2014-08/msg00009.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-08/msg00030.htmlnvd
- rhn.redhat.com/errata/RHSA-2014-1255.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-0439.htmlnvd
- secunia.com/advisories/59102nvd
- secunia.com/advisories/59415nvd
- secunia.com/advisories/59993nvd
- secunia.com/advisories/60535nvd
- secunia.com/advisories/60776nvd
- secunia.com/advisories/61314nvd
- secunia.com/advisories/61353nvd
- security.gentoo.org/glsa/glsa-201412-53.xmlnvd
- www.debian.org/security/2014/dsa-3000nvd
- www.mandriva.com/security/advisoriesnvd
- www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlnvd
- www.osvdb.org/109908nvd
- www.securityfocus.com/bid/69168nvd
- www.securitytracker.com/id/1030705nvd
- blogs.oracle.com/sunsecurity/entry/cve_2014_4345_numeric_errorsnvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/95212nvd
- github.com/krb5/krb5/commit/dc7ed55c689d57de7f7408b34631bf06fec9dab1nvd
- github.com/krb5/krb5/pull/181nvd
News mentions
0No linked articles in our index yet.