PT-2013-1201 · MIT · MIT Kerberos 5
Published: 2013-11-16 · Updated: 2020-01-21
CVE-2013-6800
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
MIT Kerberos 5 (aka krb5) versions 1.10.x through 1.11.3
Description
The issue affects the Key Distribution Center (KDC) in MIT Kerberos 5 and stems from an unspecified third-party database module. It allows remote authenticated users to cause a denial of service via a crafted request that triggers a NULL pointer dereference and crashes the daemon. Additionally, multiple vulnerabilities in the mit-krb5 package prior to version 1.11.4 may lead to breaches of confidentiality, integrity, and availability of protected information, with potential for remote exploitation.
Recommendations
For versions 1.10.x through 1.11.3, update to version 1.11.4 or later to resolve the issue.
At the moment, there is no information about additional mitigation measures for this specific vulnerability.
Fix
RCE
Affected Products
CentOS
MIT Kerberos 5
Red Hat
Ubuntu