5 matches found
krb5: multi-realm KDC null dereference leads to crash
It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request...
krb5: multi-realm KDC null dereference leads to crash
It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request...
USN-2310-1 krb5 vulnerabilities
It was discovered that Kerberos incorrectly handled certain crafted Draft 9 requests. A remote attacker could use this issue to cause the daemon to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2012-1016 It was discovered that Kerberos incorrectly handled...
openSUSE Security Update : krb5 (openSUSE-SU-2013:1738-1)
This update fixes the following security issue with krb5 : - bnc849240, CVE-2013-1418: fix Multi-realm KDC null deref %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-880. The tex...
Kerberos Multi-realm KDC NULL Pointer Dereference Denial of Service (CVE-2013-1418)
A denial of service vulnerability has been reported in Kerberos. The vulnerability is due to a NULL pointer dereference within the setupserverrealm function when Kerberos is configured to serve multiple realms. A remote attacker can exploit this vulnerability by sending a malicious request to a...