6.8
CVSSv2

CVE-2010-1321

Published: 19/05/2010 Updated: 21/01/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8
VMScore: 605
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Vulnerability Summary

The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) up to and including 1.7.1 and 1.8 prior to 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.

Vulnerable Product Search on Vulmon Subscribe to Product

mit kerberos 5-1.6.3

mit kerberos 5-1.8

mit kerberos

mit kerberos 5 -

mit kerberos 5 1.0

mit kerberos 5 1.0.6

mit kerberos 5 1.1

mit kerberos 5 1.1.1

mit kerberos 5 1.2

mit kerberos 5 1.2.1

mit kerberos 5 1.2.2

mit kerberos 5 1.2.3

mit kerberos 5 1.2.4

mit kerberos 5 1.2.5

mit kerberos 5 1.2.6

mit kerberos 5 1.2.7

mit kerberos 5 1.2.8

mit kerberos 5 1.3

mit kerberos 5 1.3.1

mit kerberos 5 1.3.2

mit kerberos 5 1.3.3

mit kerberos 5 1.3.4

mit kerberos 5 1.3.5

mit kerberos 5 1.3.6

mit kerberos 5 1.4

mit kerberos 5 1.4.1

mit kerberos 5 1.4.2

mit kerberos 5 1.4.3

mit kerberos 5 1.4.4

mit kerberos 5 1.5

mit kerberos 5 1.5.1

mit kerberos 5 1.5.2

mit kerberos 5 1.5.3

mit kerberos 5 1.6

mit kerberos 5 1.6.1

mit kerberos 5 1.6.2

mit kerberos 5 1.7

mit kerberos 5 1.7.1

mit kerberos 5 1.8

derrick brashear kadmind

Vendor Advisories

Debian Bug report logs - #582261 krb5: CVE-2010-1321 GSS-API library null pointer dereference Package: src:krb5; Maintainer for src:krb5 is Sam Hartman <hartmans@debianorg>; Reported by: Sebastien Delafond <seb@debianorg> Date: Wed, 19 May 2010 14:33:01 UTC Severity: grave Tags: security Fixed in version krb5/18 ...
An attacker could send crafted input to kadmind and cause it to crash ...
Unauthenticated remote attackers could cause Kerberos servers to crash, leading to a denial of service ...
Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThe Red Hat Security Response Team has rated this update as having cri ...
VMware ESX 41 without patches ESX410-201010413-SG, ESX410-201010409-SG, ESX410-201010412-SG ...
MIT Kerberos contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition The vulnerability is in the GSS-API acceptor component due to lack of pointer validation  An authenticated, remote attacker could exploit the vulnerability by making a crafted request to the affected component  ...
VMSA-2011-00032 VMware Security Advisory   VMware Security Advisory Advisory ID: VMSA-2011-00032 VMware Security Advisory Synopsis: Third p ...

References

NVD-CWE-Otherhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041615.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041645.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.htmlhttp://marc.info/?l=bugtraq&m=134254866602253&w=2http://osvdb.org/64744http://secunia.com/advisories/39762http://secunia.com/advisories/39784http://secunia.com/advisories/39799http://secunia.com/advisories/39818http://secunia.com/advisories/39849http://secunia.com/advisories/40346http://secunia.com/advisories/40685http://secunia.com/advisories/41967http://secunia.com/advisories/42432http://secunia.com/advisories/42974http://secunia.com/advisories/43335http://secunia.com/advisories/44954http://support.avaya.com/css/P8/documents/100114315http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txthttp://www.debian.org/security/2010/dsa-2052http://www.mandriva.com/security/advisories?name=MDVSA-2010:100http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.htmlhttp://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.htmlhttp://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0423.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0770.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0807.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0873.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0935.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0987.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0152.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0880.htmlhttp://www.securityfocus.com/archive/1/511331/100/0/threadedhttp://www.securityfocus.com/archive/1/516397/100/0/threadedhttp://www.securityfocus.com/bid/40235http://www.ubuntu.com/usn/USN-940-1http://www.ubuntu.com/usn/USN-940-2http://www.us-cert.gov/cas/techalerts/TA10-287A.htmlhttp://www.us-cert.gov/cas/techalerts/TA11-201A.htmlhttp://www.vmware.com/security/advisories/VMSA-2011-0003.htmlhttp://www.vupen.com/english/advisories/2010/1177http://www.vupen.com/english/advisories/2010/1192http://www.vupen.com/english/advisories/2010/1193http://www.vupen.com/english/advisories/2010/1196http://www.vupen.com/english/advisories/2010/1222http://www.vupen.com/english/advisories/2010/1574http://www.vupen.com/english/advisories/2010/1882http://www.vupen.com/english/advisories/2010/3112http://www.vupen.com/english/advisories/2011/0134https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11604https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7198https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7450https://www.rapid7.com/db/vulnerabilities/apple-java-cve-2010-1321https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=582261https://usn.ubuntu.com/940-2/https://nvd.nist.govhttps://www.rapid7.com/db/vulnerabilities/suse-sr-2011-008