Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-1416

Опубликовано: 19 апр. 2013
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
Версия до 1.10.5 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 85%
0.02637
Низкий

4 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2013-1416

ubuntu
больше 12 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

redhat логотип

CVE-2013-1416

redhat
больше 12 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

debian логотип

CVE-2013-1416

debian
больше 12 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distributio ...

github логотип

GHSA-4vgm-5r69-wvp8

github
больше 3 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

oracle-oval логотип

ELSA-2013-0748

oracle-oval
больше 12 лет назад

ELSA-2013-0748: krb5 security update (MODERATE)

EPSS

Процентиль: 85%
0.02637
Низкий

4 Medium

CVSS2

Дефекты

CWE-476