leading "/" crashed KDC

Tom Yu tlyu at MIT.EDU
Tue Aug 6 23:47:44 EDT 2013


Benjamin Kaduk <kaduk at MIT.EDU> writes:

> On Mon, 5 Aug 2013, Jim Shi wrote:
>
>> Any idea what is wellknown:org.h5l.hostbased-service?
>>
>> We have seen requests of a service ticket of service principal of 
>> "/wellknown:org.h5l.hostbased-service at MY_REALM" which crashed our KDC.
>
> The crash is CVE-2013-1416, the fix for 1.10 is at 
> https://github.com/krb5/krb5/commit/8ee70ec63931d1e38567905387ab9b1d45734d81
>
> The "wellknown" names are related to anonymous request processing, though 
> I don't remember offhand which form exactly that is.

I think the above form matches none of the special well-known
principal name forms that RFC 6111 specifies.


More information about the Kerberos mailing list