Bug 850660 - (CVE-2013-1417) VUL-0: CVE-2013-1417: krb5: KDC null deref due to referrals
(CVE-2013-1417)
VUL-0: CVE-2013-1417: krb5: KDC null deref due to referrals
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Christian Kornacker
Security Team bot
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-11-15 11:37 UTC by Victor Pereira
Modified: 2013-12-07 22:21 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2013-11-15 11:37:17 UTC
CVE-2013-1417

An authenticated remote client can cause a KDC to crash by making a
valid TGS-REQ to a KDC serving a realm with a single-component name.
The process_tgs_req() function dereferences a null pointer because an

unusual failure condition causes a helper function to return success.
The vulnerable configuration is not likely to arise in practice.
(Realm names that have a single component are likely to be test
realms.)  Releases prior to krb5-1.11 are not vulnerable.

References:
https://github.com/krb5/krb5/commit/4c023ba43c16396f0d199e2df1cfa59b88b62acc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1417
https://bugzilla.redhat.com/show_bug.cgi?id=1030743
Comment 1 Swamp Workflow Management 2013-11-15 23:00:19 UTC
bugbot adjusting priority
Comment 2 Marcus Meissner 2013-11-20 17:37:54 UTC
SLES 11 has 1.6.3, so SLES 11 and older are not affected.

openSUSE probably needs updates.
Comment 3 Bernhard Wiedemann 2013-11-21 14:00:22 UTC
This is an autogenerated message for OBS integration:
This bug (850660) was mentioned in
https://build.opensuse.org/request/show/207858 13.1+12.2+12.3 / krb5+krb5-mini+krb5-doc
Comment 4 Bernhard Wiedemann 2013-11-21 17:00:18 UTC
This is an autogenerated message for OBS integration:
This bug (850660) was mentioned in
https://build.opensuse.org/request/show/207880 13.1 / krb5
Comment 5 Swamp Workflow Management 2013-12-07 18:04:40 UTC
openSUSE-SU-2013:1833-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 849240,850660
CVE References: CVE-2013-1417,CVE-2013-1418
Sources used:
openSUSE 13.1 (src):    krb5-1.11.3-3.4.1, krb5-mini-1.11.3-3.4.1
Comment 6 Marcus Meissner 2013-12-07 22:21:08 UTC
released