VYPR
Unrated severityNVD Advisory· Published Apr 19, 2013· Updated Jun 16, 2026

CVE-2013-1416

CVE-2013-1416

Description

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • Mit/Kerberos 52 versions
    cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*range: <1.10.5
    • (no CPE)range: <1.10.5
  • cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE4 versions
    cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.