Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30022
HistoryNov 26, 2013 - 12:00 a.m.

[ MDVSA-2013:275 ] krb5

2013-11-2600:00:00
vulners.com
15
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2013:275
http://www.mandriva.com/en/support/security/

Package : krb5
Date : November 21, 2013
Affected: Business Server 1.0, Enterprise Server 5.0

Problem Description:

Updated krb5 package fixes security vulnerabily:

If a KDC serves multiple realms, certain requests can cause
setup_server_realm() to dereference a null pointer, crashing
the KDC. This can be triggered by an unauthenticated user
(CVE-2013-1418).

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418
http://advisories.mageia.org/MGASA-2013-0335.html

Updated Packages:

Mandriva Enterprise Server 5:
c6e2a12f9334c9b0861f738e309ef21c mes5/i586/krb5-1.8.1-0.12mdvmes5.2.i586.rpm
099870aeac2424420be5a47718443e88 mes5/i586/krb5-pkinit-openssl-1.8.1-0.12mdvmes5.2.i586.rpm
f683b619aed5b347c7d6b92070a86b77 mes5/i586/krb5-server-1.8.1-0.12mdvmes5.2.i586.rpm
369a1ac36bd88019c207aa1982f50753 mes5/i586/krb5-server-ldap-1.8.1-0.12mdvmes5.2.i586.rpm
b303c5a842bc235c64cf1521e905bf4e mes5/i586/krb5-workstation-1.8.1-0.12mdvmes5.2.i586.rpm
24b5128661cb61497a8965abfc1b0e43 mes5/i586/libkrb53-1.8.1-0.12mdvmes5.2.i586.rpm
f5dba26c5fdf746de303591346b8de63 mes5/i586/libkrb53-devel-1.8.1-0.12mdvmes5.2.i586.rpm
56849bc96afd72468707d055d286ce0a mes5/SRPMS/krb5-1.8.1-0.12mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
aaf04d799c2bb6e9bac4dc9f0c24ba99 mes5/x86_64/krb5-1.8.1-0.12mdvmes5.2.x86_64.rpm
29b3214d94a789911404d03a1e176403 mes5/x86_64/krb5-pkinit-openssl-1.8.1-0.12mdvmes5.2.x86_64.rpm
46ffafde92974ccc43501486b53028db mes5/x86_64/krb5-server-1.8.1-0.12mdvmes5.2.x86_64.rpm
1ad22a59ef287c424f6eaae5cc891365 mes5/x86_64/krb5-server-ldap-1.8.1-0.12mdvmes5.2.x86_64.rpm
63aa45265bc290f807cf14d4aa43843f mes5/x86_64/krb5-workstation-1.8.1-0.12mdvmes5.2.x86_64.rpm
c884dcc1f33f1f802c2d8cee153cea85 mes5/x86_64/lib64krb53-1.8.1-0.12mdvmes5.2.x86_64.rpm
ff88b48603330887ddf7d7c732600a7e mes5/x86_64/lib64krb53-devel-1.8.1-0.12mdvmes5.2.x86_64.rpm
56849bc96afd72468707d055d286ce0a mes5/SRPMS/krb5-1.8.1-0.12mdvmes5.2.src.rpm

Mandriva Business Server 1/X86_64:
76b585b948b99099d7f4176af973f0fd mbs1/x86_64/krb5-1.9.2-3.4.mbs1.x86_64.rpm
1081705b0e90cf301fe6a709d5f3661f mbs1/x86_64/krb5-pkinit-openssl-1.9.2-3.4.mbs1.x86_64.rpm
dc28a054d134b3c74d5de881407e8391 mbs1/x86_64/krb5-server-1.9.2-3.4.mbs1.x86_64.rpm
006ede11ef91663f9f03a270110db97a mbs1/x86_64/krb5-server-ldap-1.9.2-3.4.mbs1.x86_64.rpm
a86c414f752c1a663a304d8151116d02 mbs1/x86_64/krb5-workstation-1.9.2-3.4.mbs1.x86_64.rpm
d1fac5ab68f0f8df723d9d83abcfef78 mbs1/x86_64/lib64krb53-1.9.2-3.4.mbs1.x86_64.rpm
1ec050aa3173941d0e4dbdb501085315 mbs1/x86_64/lib64krb53-devel-1.9.2-3.4.mbs1.x86_64.rpm
fb6fa067fd8857905b0433d366470c15 mbs1/SRPMS/krb5-1.9.2-3.4.mbs1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFSjdSRmqjQ0CJFipgRAvYCAKDOR+UvyukA+sBAuu1ZOHax2R2hhwCfWZbu
zrWz2FmnSu0pcKLe+wofc0s=
=fank
-----END PGP SIGNATURE-----

Related

checkpoint_advisories 1
securityvulns 1
nessus 21
f5 4
mageia 2
fedora 7
veracode 3
debiancve 1
cve 2
prion 2
ubuntucve 2
ibm 1
openvas 16
centos 2
oraclelinux 3
redhat 2
osv 1
debian 1
gentoo 1
amazon 1
ubuntu 1
checkpoint_advisories
checkpoint_advisories
Kerberos Multi-realm KDC NULL Pointer Dereference Denial of Service (CVE-2013-1418)
2013-01-06 00:00:00
securityvulns
securityvulns
MIT Kerberos 5 KDC DoS
2013-11-26 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : krb5 (MDVSA-2013:275)
2013-11-22 00:00:00
openSUSE Security Update : krb5 (openSUSE-SU-2013:1738-1)
2014-06-13 00:00:00
MIT Kerberos 5 setup_server_realm() Remote DoS
2013-11-18 00:00:00
f5
f5
K15784 : Kerberos vulnerability CVE-2013-1418
2014-11-03 00:00:00
K15785 : Kerberos vulnerability CVE-2013-6800
2014-11-03 00:00:00
SOL15784 - Kerberos vulnerability CVE-2013-1418
2014-11-03 00:00:00
mageia
mageia
Updated krb5 package fixes security vulnerabily
2013-11-21 00:38:57
Updated krb5 package fixes security vulnerabilities
2013-11-21 00:41:07
fedora
fedora
[SECURITY] Fedora 20 Update: krb5-1.11.3-29.fc20
2013-11-12 00:28:19
[SECURITY] Fedora 19 Update: krb5-1.11.3-13.fc19
2013-12-03 10:37:37
[SECURITY] Fedora 20 Update: krb5-1.11.5-10.fc20
2014-08-07 15:32:53
veracode
veracode
Denial Of Service
2019-01-15 09:01:24
Denial Of Service (DoS)
2019-05-02 05:04:04
Denial Of Service (DoS)
2019-05-02 05:04:04
debiancve
debiancve
CVE-2013-1418
2013-11-18 03:55:00
cve
cve
CVE-2013-1418
2013-11-18 03:55:00
CVE-2013-6800
2013-11-18 02:55:00
prion
prion
Null pointer dereference
2013-11-18 03:55:00
Null pointer dereference
2013-11-18 02:55:00
ubuntucve
ubuntucve
CVE-2013-1418
2013-11-17 00:00:00
CVE-2013-6800
2013-11-17 00:00:00
ibm
ibm
Security Bulletin: IBM Security Network Intrusion Prevention System is affected by krb5 vulnerabilities (CVE-2014-4341, CVE-2013-1418 )
2022-02-23 19:48:26
openvas
openvas
Fedora Update for krb5 FEDORA-2013-21786
2013-12-04 00:00:00
Fedora Update for krb5 FEDORA-2013-21786
2013-12-04 00:00:00
RedHat Update for krb5 RHSA-2014:1245-01
2014-09-17 00:00:00
centos
centos
krb5 security update
2014-09-30 11:21:52
krb5 security update
2014-10-20 18:09:24
oraclelinux
oraclelinux
krb5 security and bug fix update
2014-09-17 00:00:00
krb5 security and bug fix update
2014-10-15 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
redhat
redhat
(RHSA-2014:1245) Moderate: krb5 security and bug fix update
2014-09-16 00:00:00
(RHSA-2014:1389) Moderate: krb5 security and bug fix update
2014-10-14 00:00:00
osv
osv
krb5 - security update
2018-01-31 00:00:00
debian
debian
[SECURITY] [DLA 1265-1] krb5 security update
2018-01-31 17:06:34
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2013-12-16 00:00:00
amazon
amazon
Medium: krb5
2014-11-11 10:25:00
ubuntu
ubuntu
Kerberos vulnerabilities
2014-08-11 00:00:00
JSON
Related for SECURITYVULNS:DOC:30022
checkpoint_advisories1securityvulns1nessus21f54mageia2fedora7veracode3debiancve1cve2prion2ubuntucve2ibm1openvas16centos2oraclelinux3redhat2osv1debian1gentoo1amazon1ubuntu1