HomeMitCVE-2015-2695

CVE-2015-2695

UNKNOWN
5.0CVSS
Published: 2015-11-09
Updated: 2025-04-12
AI Analysis

Description

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

CVSS Metrics

Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector
network
Access Cmplx
low
Auth
none
Confidentiality
none
Integrity
none
Availability
partial
Weaknesses
CWE-763

Metadata

Primary Vendor
MIT
Published
11/9/2015
Last Modified
4/12/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

mit : kerberos_5oracle : solariscanonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxdebian : debian_linuxdebian : debian_linuxdebian : debian_linuxopensuse : leapopensuse : opensuseopensuse : opensusesuse : linux_enterprise_desktopsuse : linux_enterprise_desktopsuse : linux_enterprise_desktopsuse : linux_enterprise_serversuse : linux_enterprise_serversuse : linux_enterprise_serversuse : linux_enterprise_software_development_kitsuse : linux_enterprise_software_development_kitsuse : linux_enterprise_software_development_kit

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2015-2695 | UNKNOWN Severity | CVEDatabase.com | CVEDatabase.com