Unrated severityNVD Advisory· Published Dec 16, 2014· Updated Jun 17, 2026
CVE-2014-5354
CVE-2014-5354
Description
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
28cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*
- osv-coords23 versionspkg:rpm/opensuse/krb5&distro=openSUSE%20Tumbleweedpkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/krb5-doc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/krb5-doc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/krb5-doc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/krb5-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/krb5-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/krb5-plugins&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/krb5-plugins&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/krb5-plugins&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/krb5-plugins&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/krb5-plugins&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
< 1.15-1.1+ 22 more
- (no CPE)range: < 1.15-1.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.12.1-16.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.12.1-16.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.12.1-16.1
- (no CPE)range: < 1.6.3-133.49.68.2
- (no CPE)range: < 1.6.3-133.49.68.2
- (no CPE)range: < 1.6.3-133.49.68.2
- (no CPE)range: < 1.6.3-133.49.68.2
- (no CPE)range: < 1.6.3-133.49.68.2
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
- (no CPE)range: < 1.6.3-133.49.68.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.