The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.
NOTE: The following CVSS v2.0 metrics and score provided are preliminary and subject to review.
|Base Score:||4||Base Metrics:||AV:N/AC:L/Au:S/C:N/I:N/A:P|
|Access Vector:||Network||Attack Complexity:||Low|
|Authentication:||Requires single instance||Confidentiality Impact:||None|
|Integrity Impact:||None||Availability Impact:||Partial|
|Oracle Linux version 6 (krb5)||ELSA-2013-0748||2013-04-16|
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team