Back to search
CVE-2013-1415
Published: Mar 3, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
55040
third-party-advisory
x_refsource_SECUNIA
MDVSA-2013:157
vendor-advisory
x_refsource_MANDRIVA
http://web.mit.edu/kerberos/www/krb5-1.10/
x_refsource_CONFIRM
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7570
x_refsource_CONFIRM
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7577
x_refsource_CONFIRM
http://web.mit.edu/kerberos/www/krb5-1.11/
x_refsource_CONFIRM
https://github.com/krb5/krb5/commit/f249555301940c6df3a2cdda13b56b5674eebc2e
x_refsource_CONFIRM
openSUSE-SU-2013:0523
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now