Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2013.0027 A vulnerability has been identified in MIT Kerberos 5 25 February 2013 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Kerberos Operating System: UNIX variants (UNIX, Linux, OSX) Impact/Access: Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2013-1415 Member content until: Wednesday, March 27 2013 OVERVIEW A vulnerability has been identified in MIT Kerberos 5 prior to Release 1.11. [1] IMPACT The vendor has provided the following details regarding this vulnerability: "Fix a null pointer dereference in the KDC PKINIT code [CVE-2013-1415]." [1] MITIGATION The vendor recommends updating to the latest version of Kerberos to correct this issue. [1] REFERENCES [1] Kerberos 5 Release 1.11.1 http://web.mit.edu/kerberos/www/krb5-1.11/ AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUSrsxO4yVqjM2NGpAQIlkw//TwO4izA0VnVFAIl92eYlrFIYP2P9PKKZ 5XXyLL+4imBhgkwZfjl11ntYU6Ayg1SEMfE08AvvOaxjQSSA4halapX4EBonCKe5 iW9BCPmtaiKZapH/v9BtxwBcYkEU4jvTtUSuMX2po6dnerBUbzxBrNVOzNOy9WDZ zaYp0QBhTQZtNQruq/lPGrmf0WxYkLtfX7TBT9pIC4WDi32lLXaEvDV9xKwdr2Ur KoS3Aqza+OdJL/ZR9UkVYht/3xZ1EsQGtjxygQ95dglowujRfUu+SY36PCQdaRi1 Jhl9igmL1Fje56MUXfs298f0+byKArREdDgN4wwtucS66tCjY/9IV7JZsai29amD ExmGA6uJ7rzobQZHNZhvfbHWr/02izQufolqvp4cXIhXT7SquD9egYDAG4C/sj76 qSSrbuxkdRc9TSLluvRnjb+3p4b3sx/nZRz9hWMKkZaPR8+knWr0rJ1WYo4zmgi2 XbEDGKIO+e3YP3OB3doStTKeA+BfS1QTJTKAiRewWQidzMAojmGh0M/yYs4PhZR2 znD3Am67IwXsZ6s4o1XwlCo+RiugGxRi1BpORlUDoP7IvtaZ8SxBf7msmljRxcba cK3zb+1Rh44LwjpoteO6mzNgQY3MBnPVbI6Apk5LV6wFPgsMRYC/Khslzag90VJ+ vX6/vkGj1J0= =HUj0 -----END PGP SIGNATURE-----