RT RT/krbdev.mit.edu: Ticket #7757 Multi-realm KDC null deref [CVE-2013-1418] Signed in as guest.
[Logout]

[Home] [Search] [Configuration]

[Display] [History] [Basics] [Dates] [People] [Links] [Jumbo]

 
 

 The Basics  
Id
7757
Status
resolved
Worked
0 min
Priority
0/0
Queue
krb5
 

 Keyword Selections  
Component
Version_reported
Version_Fixed
  • 1.10.7
Target_Version
Tags
 

 Relationships  
Depends on:
Depended on by:
Parents:
Children:

Refers to:
Referred to by:
 
 Dates  
Created: Mon Nov 4 16:25:04 2013
Starts: Not set
Started: Mon Nov 4 16:25:05 2013
Last Contact: Not set
Due: Not set
Updated: Mon Nov 4 16:25:05 2013 by tlyu
 

 People  
Owner
 tlyu
Requestors
 tlyu@mit.edu
Cc
 
AdminCc
 
 

 More about Tom Yu  
Comments about this user:
No comment entered about this user
This user's 25 highest priority tickets:
 

History   Display mode: [Brief headers] [Full headers]
      Mon Nov  4 16:25:04 2013  tlyu - Ticket created    
     
From: tlyu@mit.edu
Subject: git commit


Multi-realm KDC null deref [CVE-2013-1418]

If a KDC serves multiple realms, certain requests can cause
setup_server_realm() to dereference a null pointer, crashing the KDC.

CVSSv2: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C

A related but more minor vulnerability requires authentication to
exploit, and is only present if a third-party KDC database module can
dereference a null pointer under certain conditions.

(back ported from commit 5d2d9a1abe46a2c1a8614d4672d08d9d30a5f8bf)

https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d
Author: Tom Yu <tlyu@mit.edu>
Commit: c2ccf4197f697c4ff143b8a786acdd875e70a89d
Branch: krb5-1.10
 src/kdc/main.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)


Download (untitled) 738b
      Mon Nov  4 16:25:05 2013  tlyu - Requestor tlyu@mit.edu added    
      Mon Nov  4 16:25:05 2013  tlyu - Status changed from new to resolved    
      Mon Nov  4 16:25:05 2013  tlyu - Version_Fixed 1.10.7 added