#VU42349 Input validation error in Kerberos 5 - CVE-2013-1417

Cybersecurity Help s.r.o.

Published: 2013-11-20 | Updated: 2020-08-10

Vulnerability identifier: #VU42349

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2013-1417

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Kerberos 5
Client/Desktop applications / Software for system administration

Vendor: MIT

Description

The vulnerability allows a remote #AU# to perform service disruption.

do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service (daemon crash) via a TGS-REQ request that triggers an attempted cross-realm referral for a host-based service principal.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Kerberos 5: 1.11 - 1.11.3

External links
https://lists.opensuse.org/opensuse-updates/2013-12/msg00026.html
https://web.mit.edu/kerberos/krb5-1.11/README-1.11.4.txt
https://bugzilla.redhat.com/show_bug.cgi?id=1030743
https://github.com/krb5/krb5/commit/4c023ba43c16396f0d199e2df1cfa59b88b62acc

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for MIT Kerberos 5

Input validation error in MIT Kerberos 5