866059 – (CVE-2013-6800) VUL-0: CVE-2013-6800: krb5: NULL Pointer Dereference

Bug 866059 (CVE-2013-6800) - VUL-0: CVE-2013-6800: krb5: NULL Pointer Dereference

Summary: VUL-0: CVE-2013-6800: krb5: NULL Pointer Dereference

Status:	RESOLVED DUPLICATE of bug 849240

Alias:	CVE-2013-6800

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other openSUSE 13.1

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Christian Kornacker
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/93953/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2014-02-27 13:56 UTC by Victor Pereira
Modified:	2014-03-04 15:48 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Victor Pereira 2014-02-27 13:56:29 UTC

CVE-2013-6800

An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.

References:
http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-6800.html
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6800

Comment 3 Swamp Workflow Management 2014-02-27 23:00:15 UTC

bugbot adjusting priority

Comment 4 Marcus Meissner 2014-03-04 15:48:16 UTC

you are right, its basically the same thing and we fixed it.

*** This bug has been marked as a duplicate of bug 849240 ***