Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2013-0748

Опубликовано: 16 апр. 2013
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2013-0748: krb5 security update (MODERATE)

[1.10.3-10.2]

  • incorporate upstream patch to fix a NULL pointer dereference while processing certain TGS requests (CVE-2013-1416, #950342)

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

krb5-devel

1.10.3-10.el6_4.2

krb5-libs

1.10.3-10.el6_4.2

krb5-pkinit-openssl

1.10.3-10.el6_4.2

krb5-server

1.10.3-10.el6_4.2

krb5-server-ldap

1.10.3-10.el6_4.2

krb5-workstation

1.10.3-10.el6_4.2

Oracle Linux i686

krb5-devel

1.10.3-10.el6_4.2

krb5-libs

1.10.3-10.el6_4.2

krb5-pkinit-openssl

1.10.3-10.el6_4.2

krb5-server

1.10.3-10.el6_4.2

krb5-server-ldap

1.10.3-10.el6_4.2

krb5-workstation

1.10.3-10.el6_4.2

Связанные CVE

CVE-2013-1416

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2013-1416

ubuntu
больше 12 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

redhat логотип

CVE-2013-1416

redhat
больше 12 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

nvd логотип

CVE-2013-1416

nvd
больше 12 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

debian логотип

CVE-2013-1416

debian
больше 12 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distributio ...

github логотип

GHSA-4vgm-5r69-wvp8

github
больше 3 лет назад

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.