Lucene search
Ubuntu.comUB:CVE-2013-1416HistoryApr 19, 2013 - 12:00 a.m.
CVE-2013-1416
2013-04-1900:00:00
ubuntu.com
ubuntu.com
13
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.956 High
EPSS
Percentile
99.4%
The prep_reprocess_req function in do_tgs_req.c in the Key Distribution
Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly
perform service-principal realm referral, which allows remote authenticated
users to cause a denial of service (NULL pointer dereference and daemon
crash) via a crafted TGS-REQ request.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704775>
- http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7600
Notes
| Author | Note |
|---|---|
| jdstrand | per Debian, only krb5 releases 1.7 to 1.10 are affected |
Related
prion
prion
Null pointer dereference
2013-04-19 11:44:00
openvas
openvas
RedHat Update for krb5 RHSA-2013:0748-01
2013-04-19 00:00:00
CentOS Update for krb5-devel CESA-2013:0748 centos6
2013-04-19 00:00:00
RedHat Update for krb5 RHSA-2013:0748-01
2013-04-19 00:00:00
amazon
amazon
Medium: krb5
2013-04-18 13:58:00
nessus
nessus
Scientific Linux Security Update : krb5 on SL6.x i386/x86_64 (20130416)
2013-04-17 00:00:00
RHEL 6 : krb5 (RHSA-2013:0748)
2013-04-17 00:00:00
Oracle Linux 6 : krb5 (ELSA-2013-0748)
2013-07-12 00:00:00
checkpoint_advisories
checkpoint_advisories
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:00
redhat
redhat
(RHSA-2013:0748) Moderate: krb5 security update
2013-04-16 00:00:00
debiancve
debiancve
CVE-2013-1416
2013-04-19 11:44:00
centos
centos
krb5 security update
2013-04-17 04:22:50
cve
cve
CVE-2013-1416
2013-04-19 11:44:00
oraclelinux
oraclelinux
krb5 security update
2013-04-16 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:157 ] krb5
2013-05-04 00:00:00
MIT Kerberos 5 security vulnereabilities
2013-05-04 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: krb5-1.10.3-15.fc18
2013-04-18 02:43:29
[SECURITY] Fedora 18 Update: krb5-1.10.3-17.fc18
2013-05-21 08:38:01
[SECURITY] Fedora 17 Update: krb5-1.10.2-10.fc17
2013-04-18 02:54:47
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2013-12-16 00:00:00
ubuntu
ubuntu
Kerberos vulnerabilities
2014-08-11 00:00:00
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.956 High
EPSS
Percentile
99.4%
Related for UB:CVE-2013-1416