Vulnerability Description
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mit | Kerberos | 5-1.10.5 |
| Mit | Kerberos 5 | 1.10 |
References
- http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757
- http://www.securityfocus.com/bid/63770
- https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89dPatch
- http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757
- http://www.securityfocus.com/bid/63770
- https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89dPatch
FAQ
What is CVE-2013-6800?
CVE-2013-6800 is a vulnerability with a CVSS score of 4.0 (MEDIUM). An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer derefe...
How severe is CVE-2013-6800?
CVE-2013-6800 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-6800?
Check the references section above for vendor advisories and patch information. Affected products include: Mit Kerberos, Mit Kerberos 5.