CVE-2013-1418
published 2013-11-18CVE-2013-1418: The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured…
PriorityP424medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
5.51%
91.8th percentile
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | krb5 | < krb5 1.11.3+dfsg-3+nmu1 (bookworm) | krb5 1.11.3+dfsg-3+nmu1 (bookworm) |
| mit | kerberos | — | — |
| mit | kerberos | — | — |
| mit | kerberos | — | — |
| mit | kerberos_5 | < 1.10.7 | 1.10.7 |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | krb5 | >= 0 < 1.11.3+dfsg-3+nmu1 | 1.11.3+dfsg-3+nmu1 |
| mit | krb5 | >= 0 < 1.11.3+dfsg-3+nmu1 | 1.11.3+dfsg-3+nmu1 |
| mit | krb5 | >= 0 < 1.11.3+dfsg-3+nmu1 | 1.11.3+dfsg-3+nmu1 |
| mit | krb5 | >= 0 < 1.11.3+dfsg-3+nmu1 | 1.11.3+dfsg-3+nmu1 |
| mit | krb5 | >= 0 < 1.12+dfsg-2ubuntu4.2 | 1.12+dfsg-2ubuntu4.2 |
| mit | krb5 | >= 0 < 1.12+dfsg-2ubuntu4 | 1.12+dfsg-2ubuntu4 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_ubuntu5.0MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Kerberos vulnerabilities
vendor_ubuntu·2014-08-11·CVSS 5.0
CVE-2012-1016 [MEDIUM] Kerberos vulnerabilities
Title: Kerberos vulnerabilities
Summary: Several security issues were fixed in Kerberos.
It was discovered that Kerberos incorrectly handled certain crafted Draft 9
requests. A remote attacker could use this issue to cause the daemon to
crash, resulting in a denial of service. This issue only affected Ubuntu
12.04 LTS. (CVE-2012-1016)
It was discovered that Kerberos incorrectly handled certain malformed
KRB5_PADATA_PK_AS_REQ AS-REQ requests. A remote attacker could use this
issue to cause the daemon to crash, resulting in a denial of service. This
issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2013-1415)
It was discovered that Kerberos incorrectly handled certain crafted TGS-REQ
requests. A remote authenticated attacker could use this issue to cause the
daemon to crash
Red Hat
krb5: multi-realm KDC null dereference leads to crash
vendor_redhat·2013-11-04·CVSS 4.3
CVE-2013-1418 [MEDIUM] CWE-476 krb5: multi-realm KDC null dereference leads to crash
krb5: multi-realm KDC null dereference leads to crash
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request.
Package: krb5 (Red Hat Enterprise Linux 7) - Not affected
Red Hat
krb5: KDC remote DoS (NULL pointer dereference and daemon crash)
vendor_redhat·2013-11-04·CVSS 4.3
CVE-2013-6800 [MEDIUM] CWE-476 krb5: KDC remote DoS (NULL pointer dereference and daemon crash)
krb5: KDC remote DoS (NULL pointer dereference and daemon crash)
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request.
Package: krb5 (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2013-1418: krb5 - The setup_server_realm function in main.c in the Key Distribution Center (KDC) i...
vendor_debian·2013·CVSS 4.3
CVE-2013-1418 [MEDIUM] CVE-2013-1418: krb5 - The setup_server_realm function in main.c in the Key Distribution Center (KDC) i...
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
Scope: local
bookworm: resolved (fixed in 1.11.3+dfsg-3+nmu1)
bullseye: resolved (fixed in 1.11.3+dfsg-3+nmu1)
forky: resolved (fixed in 1.11.3+dfsg-3+nmu1)
sid: resolved (fixed in 1.11.3+dfsg-3+nmu1)
trixie: resolved (fixed in 1.11.3+dfsg-3+nmu1)
GHSA
GHSA-gfmf-37px-c964: The setup_server_realm function in main
ghsa_unreviewed·2022-05-13
CVE-2013-1418 [MEDIUM] CWE-476 GHSA-gfmf-37px-c964: The setup_server_realm function in main
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
GHSA
GHSA-f64v-2v58-4rrx: An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1
ghsa_unreviewed·2022-05-13·CVSS 4.3
CVE-2013-6800 [MEDIUM] GHSA-f64v-2v58-4rrx: An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
OSV
krb5 vulnerabilities
osv·2014-08-11·CVSS 5.0
CVE-2012-1016 [MEDIUM] krb5 vulnerabilities
krb5 vulnerabilities
It was discovered that Kerberos incorrectly handled certain crafted Draft 9
requests. A remote attacker could use this issue to cause the daemon to
crash, resulting in a denial of service. This issue only affected Ubuntu
12.04 LTS. (CVE-2012-1016)
It was discovered that Kerberos incorrectly handled certain malformed
KRB5_PADATA_PK_AS_REQ AS-REQ requests. A remote attacker could use this
issue to cause the daemon to crash, resulting in a denial of service. This
issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2013-1415)
It was discovered that Kerberos incorrectly handled certain crafted TGS-REQ
requests. A remote authenticated attacker could use this issue to cause the
daemon to crash, resulting in a denial of service. This issue only affected
Ubuntu 1
OSV
CVE-2013-1418: The setup_server_realm function in main
osv·2013-11-18·CVSS 4.3
CVE-2013-1418 [MEDIUM] CVE-2013-1418: The setup_server_realm function in main
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
OSV
CVE-2013-6800: An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1
osv·2013-11-17·CVSS 4.3
CVE-2013-6800 [MEDIUM] CVE-2013-6800: An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2013-6800 krb5: KDC remote DoS (NULL pointer dereference and daemon crash)
bugzilla·2013-11-18·CVSS 4.3
CVE-2013-6800 [MEDIUM] CVE-2013-6800 krb5: KDC remote DoS (NULL pointer dereference and daemon crash)
CVE-2013-6800 krb5: KDC remote DoS (NULL pointer dereference and daemon crash)
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6800 to
the following vulnerability:
Name: CVE-2013-6800
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6800
Assigned: 20131115
Reference: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757
Reference: https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
Discussion:
Created krb5 tracking bugs for this issue:
Affec
Bugzilla
CVE-2013-1418 krb5: multi-realm KDC null dereference leads to crash [fedora-all]
bugzilla·2013-11-05·CVSS 4.3
CVE-2013-1418 [MEDIUM] CVE-2013-1418 krb5: multi-realm KDC null dereference leads to crash [fedora-all]
CVE-2013-1418 krb5: multi-realm KDC null dereference leads to crash [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue
Bugzilla
CVE-2013-1418 krb5: multi-realm KDC null dereference leads to crash
bugzilla·2013-11-05·CVSS 4.3
CVE-2013-1418 [MEDIUM] CVE-2013-1418 krb5: multi-realm KDC null dereference leads to crash
CVE-2013-1418 krb5: multi-realm KDC null dereference leads to crash
It was reported [1] that if a KDC serves multiple realms, certain requests could cause the setup_server_realm() funtion to dereference a null pointer, resulting in a crash of the KDC (Key Distribution Center). This can be triggered by an unauthenticated user.
This has been correct in git [2].
[1] http://mailman.mit.edu/pipermail/krb5-bugs/2013-November/010206.html
[2] https://github.com/krb5/krb5/commit/5d2d9a1abe46a2c1a8614d4672d08d9d30a5f8bf
Discussion:
Upstream ticket:
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757
---
Created krb5 tracking bugs for this issue:
Affects: fedora-all [bug 1026997]
---
krb5-1.11.3-29.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please
http://advisories.mageia.org/MGASA-2013-0335.htmlhttp://krbdev.mit.edu/rt/Ticket/Display.html?id=7757http://lists.opensuse.org/opensuse-updates/2013-11/msg00082.htmlhttp://lists.opensuse.org/opensuse-updates/2013-11/msg00086.htmlhttp://lists.opensuse.org/opensuse-updates/2013-12/msg00026.htmlhttp://web.mit.edu/kerberos/krb5-1.10/README-1.10.7.txthttp://web.mit.edu/kerberos/krb5-1.11/README-1.11.4.txthttp://www.securityfocus.com/bid/63555https://bugzilla.redhat.com/show_bug.cgi?id=1026942https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89dhttps://lists.debian.org/debian-lts-announce/2018/01/msg00040.htmlhttp://advisories.mageia.org/MGASA-2013-0335.htmlhttp://krbdev.mit.edu/rt/Ticket/Display.html?id=7757http://lists.opensuse.org/opensuse-updates/2013-11/msg00082.htmlhttp://lists.opensuse.org/opensuse-updates/2013-11/msg00086.htmlhttp://lists.opensuse.org/opensuse-updates/2013-12/msg00026.htmlhttp://web.mit.edu/kerberos/krb5-1.10/README-1.10.7.txthttp://web.mit.edu/kerberos/krb5-1.11/README-1.11.4.txthttp://www.securityfocus.com/bid/63555https://bugzilla.redhat.com/show_bug.cgi?id=1026942https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89dhttps://lists.debian.org/debian-lts-announce/2018/01/msg00040.html
2013-11-18
Published