VDB
GCVE-110-MAGEIA-2013-336
GCVE-110-MAGEIA-2013-336
Advisory Published
An authenticated remote client can cause a KDC to crash by making a valid
TGS-REQ to a KDC serving a realm with a single-component name. The
process_tgs_req() function dereferences a null pointer because an unusual
failure condition causes a helper function to return success
(CVE-2013-1417).
If a KDC serves multiple realms, certain requests can cause
setup_server_realm() to dereference a null pointer, crashing the KDC.
This can be triggered by an unauthenticated user (CVE-2013-1418).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | krb5 | 0 (affected), 1.11.1-1.3.mga3 (unaffected) | — |
Aliases
Browse GCVE Records
73,685 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.