| Summary: | <app-crypt/mit-krb5-1.11.1: KDC TGS-REQ Processing NULL-Pointer Dereference Denial of Service Vulnerability (CVE-2013-1416) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | kerberos |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://secunia.com/advisories/53104/ | ||
| Whiteboard: | B3 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
@security: Please vote. GLSA vote: yes. CVE-2013-1416 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1416): The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request. GLSA vote: yes Added to existing GLSA draft This issue was resolved and addressed in GLSA 201312-12 at http://security.gentoo.org/glsa/glsa-201312-12.xml by GLSA coordinator Sergey Popov (pinkbyte). |
From ${URL} : Description A vulnerability has been reported in Kerberos, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL-pointer dereference error within the "prep_reprocess_req()" function (src/kdc/do_tgs_req), which can be exploited to crash the KDC daemon by sending specially crafted requests. The vulnerability is reported in versions 1.7 through 1.10.4. Solution Fixed in the git repository. The vulnerability will be fixed in the upcoming version (1.10.5). Provided and/or discovered by Revealed in a git commit. Original Advisory http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7600