Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2010-1320

Published: 22/04/2010 Updated: 21/01/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Subscribe to Kerberos 5

Vulnerability Summary

Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x prior to 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation.

Vulnerable Product Search on Vulmon Subscribe to Product

mit kerberos 5 1.8

mit kerberos 5 1.8.1

mit kerberos 5 1.7

mit kerberos 5 1.7.1

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2010-1320 double free in KDC caused by ticket renewal
Debian Bug report logs - #577490 CVE-2010-1320 double free in KDC caused by ticket renewal Package: krb5-kdc; Maintainer for krb5-kdc is Sam Hartman <hartmans@debianorg>; Source for krb5-kdc is src:krb5 (PTS, buildd, popcon) Reported by: Joel Johnson <mrjoel@lixilnet> Date: Mon, 12 Apr 2010 05:39:01 UTC Severity: ...
Ubuntu Security Notice: krb5 vulnerabilities
Unauthenticated remote attackers could cause Kerberos servers to crash, leading to a denial of service ...
Ubuntu Security Notice: krb5 vulnerability
An attacker could send crafted input to kadmind and cause it to crash ...

Exploits

Exploit DB: MIT Kerberos 5 - 'src/kdc/do_tgs_req.c' Ticket Renewal Double-Free Memory Corruption
source: wwwsecurityfocuscom/bid/39599/info MIT Kerberos is prone to a remote memory-corruption vulnerability An authenticated attacker can exploit this issue by sending specially crafted ticket-renewal requests to a vulnerable computer Successfully exploiting this issue can allow the attacker to execute arbitrary code with superuser p ...

References

CWE-399http://securitytracker.com/id?1023904http://www.securityfocus.com/bid/39599http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txthttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.htmlhttp://www.vupen.com/english/advisories/2010/1001http://secunia.com/advisories/39656http://www.ubuntu.com/usn/USN-940-1http://www.vupen.com/english/advisories/2010/1192http://secunia.com/advisories/39784http://support.apple.com/kb/HT4188http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.htmlhttp://secunia.com/advisories/40220http://www.vupen.com/english/advisories/2010/1481http://www.securityfocus.com/archive/1/510843/100/0/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490https://nvd.nist.govhttps://usn.ubuntu.com/940-1/https://www.exploit-db.com/exploits/33855/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook