CVE-2010-1321
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| NULL Pointer Dereference The product dereferences a pointer that it expects to be valid but is NULL. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 6.8 | AV:N/AC:L/Au:S/C:N/I:N/A:C | [email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Products Mentioned
Configuraton 0
Mit>>Kerberos_5 >> Version To (including) 1.7.1
- Mit>>Kerberos_5 >> Version - (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0.4 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0.5 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0.6 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.0.7 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.1 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.1.1 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2.1 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2.4 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2.5 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2.6 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2.7 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.2.8 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3.1 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3.4 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3.5 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.3.6 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.4 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.4.1 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.4.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.4.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.4.4 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.5 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.5.1 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.5.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.5.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.5.4 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.6 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.6.1 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.6.2 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.6.3 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.7 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.7.1 (Open CPE detail)
Mit>>Kerberos_5 >> Version From (including) 1.8 To (excluding) 1.8.2
- Mit>>Kerberos_5 >> Version 1.8 (Open CPE detail)
- Mit>>Kerberos_5 >> Version 1.8.1 (Open CPE detail)
Configuraton 0
Debian>>Debian_linux >> Version 5.0
- Debian>>Debian_linux >> Version 5.0 (Open CPE detail)
Debian>>Debian_linux >> Version 6.0
- Debian>>Debian_linux >> Version 6.0 (Open CPE detail)
Configuraton 0
Canonical>>Ubuntu_linux >> Version 6.06
- Canonical>>Ubuntu_linux >> Version 6.06 (Open CPE detail)
- Canonical>>Ubuntu_linux >> Version 6.06 (Open CPE detail)
- Canonical>>Ubuntu_linux >> Version 6.06 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 8.04
- Canonical>>Ubuntu_linux >> Version 8.04 (Open CPE detail)
- Canonical>>Ubuntu_linux >> Version 8.04 (Open CPE detail)
- Canonical>>Ubuntu_linux >> Version 8.04 (Open CPE detail)
- Canonical>>Ubuntu_linux >> Version 8.04 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 9.04
- Canonical>>Ubuntu_linux >> Version 9.04 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 9.10
- Canonical>>Ubuntu_linux >> Version 9.10 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 10.04
- Canonical>>Ubuntu_linux >> Version 10.04 (Open CPE detail)
- Canonical>>Ubuntu_linux >> Version 10.04 (Open CPE detail)
- Canonical>>Ubuntu_linux >> Version 10.04 (Open CPE detail)
Configuraton 0
Oracle>>Database_server >> Version -
- Oracle>>Database_server >> Version - (Open CPE detail)
- Oracle>>Database_server >> Version - (Open CPE detail)
Configuraton 0
Opensuse>>Opensuse >> Version 11.0
- Opensuse>>Opensuse >> Version 11.0 (Open CPE detail)
Opensuse>>Opensuse >> Version 11.1
- Opensuse>>Opensuse >> Version 11.1 (Open CPE detail)
Opensuse>>Opensuse >> Version 11.2
- Opensuse>>Opensuse >> Version 11.2 (Open CPE detail)
Opensuse>>Opensuse >> Version 11.3
- Opensuse>>Opensuse >> Version 11.3 (Open CPE detail)
Suse>>Linux_enterprise_server >> Version 10
- Suse>>Linux_enterprise_server >> Version 10 (Open CPE detail)
Suse>>Linux_enterprise_server >> Version 11
- Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)
Suse>>Linux_enterprise_server >> Version 11
- Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)
- Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)
- Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)
- Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)
- Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)
- Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)
- Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)
Configuraton 0
Fedoraproject>>Fedora >> Version 11
- Fedoraproject>>Fedora >> Version 11 (Open CPE detail)
Fedoraproject>>Fedora >> Version 12
- Fedoraproject>>Fedora >> Version 12 (Open CPE detail)
Fedoraproject>>Fedora >> Version 13
- Fedoraproject>>Fedora >> Version 13 (Open CPE detail)
References
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/511331/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.mandriva.com/security/advisories?name=MDVSA-2010:100
Tags : vendor-advisory, x_refsource_MANDRIVA
Tags : vendor-advisory, x_refsource_MANDRIVA
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041615.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041645.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7198
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7450
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Tags : vendor-advisory, x_refsource_HP
Tags : vendor-advisory, x_refsource_HP
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11604
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
2025©
tesweb SA
