The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
(
CVE-2013-1418
)
Impact
An attacker may be able to cause a denial-of-service (DoS) by using a crafted request.