Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2013-1417
HistoryNov 20, 2013 - 12:00 a.m.

CVE-2013-1417

2013-11-2000:00:00
ubuntu.com
ubuntu.com
12

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.033

Percentile

91.4%

JSON

do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka
krb5) 1.11 before 1.11.4, when a single-component realm name is used,
allows remote authenticated users to cause a denial of service (daemon
crash) via a TGS-REQ request that triggers an attempted cross-realm
referral for a host-based service principal.

Bugs

Notes

Author Note
mdeslaur only 1.11.x

Related

nessus 5
cvelist 1
f5 4
prion 1
fedora 7
cve 1
nvd 1
debiancve 1
checkpoint_advisories 1
openvas 9
mageia 1
gentoo 1
nessus
nessus
Fedora 20 : krb5-1.11.3-32.fc20 (2013-21456)
2013-11-19 00:00:00
openSUSE Security Update : krb5 (openSUSE-SU-2013:1833-1)
2014-06-13 00:00:00
Fedora 19 : krb5-1.11.3-13.fc19 (2013-21786)
2013-12-04 00:00:00
cvelist
cvelist
CVE-2013-1417
2013-11-20 11:00:00
f5
f5
K15783 : Kerberos vulnerability CVE-2013-1417
2014-11-03 00:00:00
SOL15783 - Kerberos vulnerability CVE-2013-1417
2014-11-03 00:00:00
SOL15784 - Kerberos vulnerability CVE-2013-1418
2014-11-03 00:00:00
prion
prion
Design/Logic Flaw
2013-11-20 14:12:00
fedora
fedora
[SECURITY] Fedora 20 Update: krb5-1.11.3-32.fc20
2013-11-18 21:07:55
[SECURITY] Fedora 19 Update: krb5-1.11.3-13.fc19
2013-12-03 10:37:37
[SECURITY] Fedora 20 Update: krb5-1.11.5-10.fc20
2014-08-07 15:32:53
cve
cve
CVE-2013-1417
2013-11-20 14:12:44
nvd
nvd
CVE-2013-1417
2013-11-20 14:12:44
debiancve
debiancve
CVE-2013-1417
2013-11-20 14:12:44
checkpoint_advisories
checkpoint_advisories
Kerberos Cross-Realm Referrals KDC NULL Pointer Dereference Denial of Service (CVE-2013-1417)
2014-03-11 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0336)
2022-01-28 00:00:00
Fedora Update for krb5 FEDORA-2013-21786
2013-12-04 00:00:00
Fedora Update for krb5 FEDORA-2013-21786
2013-12-04 00:00:00
mageia
mageia
Updated krb5 package fixes security vulnerabilities
2013-11-21 00:41:07
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2013-12-16 00:00:00

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.033

Percentile

91.4%

JSON
Related for UB:CVE-2013-1417
nessus5cvelist1f54prion1fedora7cve1nvd1debiancve1checkpoint_advisories1openvas9mageia1gentoo1