Back to search
CVE-2013-1418
Published: Nov 16, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=1026942
x_refsource_CONFIRM
openSUSE-SU-2013:1738
vendor-advisory
x_refsource_SUSE
[debian-lts-announce] 20180131 [SECURITY] [DLA 1265-1] krb5 security update
mailing-list
x_refsource_MLIST
http://advisories.mageia.org/MGASA-2013-0335.html
x_refsource_CONFIRM
https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d
x_refsource_CONFIRM
openSUSE-SU-2013:1751
vendor-advisory
x_refsource_SUSE
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757
x_refsource_CONFIRM
http://web.mit.edu/kerberos/krb5-1.10/README-1.10.7.txt
x_refsource_CONFIRM
63555
vdb-entry
x_refsource_BID
openSUSE-SU-2013:1833
vendor-advisory
x_refsource_SUSE
http://web.mit.edu/kerberos/krb5-1.11/README-1.11.4.txt
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now