K15784: Kerberos vulnerability CVE-2013-1418

Security Advisory Description The setupserverrealm function in main.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted...

Denial Of Service (DoS)

Kerberos is vulnerable to denial of service DoS. If a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request...

Updated krb5 package fixes security vulnerabilities

An authenticated remote client can cause a KDC to crash by making a valid TGS-REQ to a KDC serving a realm with a single-component name. The processtgsreq function dereferences a null pointer because an unusual failure condition causes a helper function to return success CVE-2013-1417. If a KDC...

Updated krb5 package fixes security vulnerabily

If a KDC serves multiple realms, certain requests can cause setupserverrealm to dereference a null pointer, crashing the KDC. This can be triggered by an unauthenticated user CVE-2013-1418...

CVE-2013-1418

The setupserverrealm function in main.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted request...

MIT Kerberos 5 setup_server_realm() Remote DoS

The Kerberos service running on the remote host is affected by a remote denial of service DoS vulnerability. Attackers can exploit this issue to crash the affected KDC service, resulting in DoS conditions. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid70941;...