NVD

Id
12853  
Name
CVE-2010-1321  
Description
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator"s checksum field is missing.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:N/I:N/A:C)  
Pub Date
2017-01-18  
Published
2010-05-19  
Modified Date
2016-08-22  
Seq
2010-1321  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
70773 12853 CVE-2010-1321 SSRT100107  View
70774 12853 CVE-2010-1321 FEDORA-2010-8749  View
70775 12853 CVE-2010-1321 FEDORA-2010-8796  View
70776 12853 CVE-2010-1321 FEDORA-2010-8805  View
70777 12853 CVE-2010-1321 SUSE-SR:2010:013  View
70778 12853 CVE-2010-1321 SUSE-SR:2010:014  View
70779 12853 CVE-2010-1321 SUSE-SR:2010:019  View
70780 12853 CVE-2010-1321 SUSE-SU-2012:0010  View
70781 12853 CVE-2010-1321 SUSE-SU-2012:0042  View
70782 12853 CVE-2010-1321 HPSBMU02799  View
70783 12853 CVE-2010-1321 oval:org.mitre.oval:def:11604  View
70784 12853 CVE-2010-1321 oval:org.mitre.oval:def:7198  View
70785 12853 CVE-2010-1321 oval:org.mitre.oval:def:7450  View
70786 12853 CVE-2010-1321 http://support.avaya.com/css/P8/documents/100114315  View
70787 12853 CVE-2010-1321 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txt  View
70788 12853 CVE-2010-1321 DSA-2052  View
70789 12853 CVE-2010-1321 MDVSA-2010:100  View
70790 12853 CVE-2010-1321 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html  View
70791 12853 CVE-2010-1321 http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html  View
70792 12853 CVE-2010-1321 http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html  View
70793 12853 CVE-2010-1321 http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html  View
70794 12853 CVE-2010-1321 RHSA-2010:0423  View
70795 12853 CVE-2010-1321 RHSA-2010:0770  View
70796 12853 CVE-2010-1321 RHSA-2010:0807  View
70797 12853 CVE-2010-1321 RHSA-2010:0873  View
70798 12853 CVE-2010-1321 RHSA-2010:0935  View
70799 12853 CVE-2010-1321 RHSA-2010:0987  View
70800 12853 CVE-2010-1321 RHSA-2011:0152  View
70801 12853 CVE-2010-1321 RHSA-2011:0880  View
70802 12853 CVE-2010-1321 20100518 MITKRB5-SA-2010-005 [CVE-2010-1321] GSS-API lib null pointer deref  View
70803 12853 CVE-2010-1321 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX  View
70804 12853 CVE-2010-1321 40235  View
70805 12853 CVE-2010-1321 USN-940-1  View
70806 12853 CVE-2010-1321 USN-940-2  View
70807 12853 CVE-2010-1321 TA10-287A  View
70808 12853 CVE-2010-1321 TA11-201A  View
70809 12853 CVE-2010-1321 http://www.vmware.com/security/advisories/VMSA-2011-0003.html  View
70810 12853 CVE-2010-1321 ADV-2010-1177  View
70811 12853 CVE-2010-1321 ADV-2010-1192  View
70812 12853 CVE-2010-1321 ADV-2010-1193  View
70813 12853 CVE-2010-1321 ADV-2010-1196  View
70814 12853 CVE-2010-1321 ADV-2010-1222  View
70815 12853 CVE-2010-1321 ADV-2010-1574  View
70816 12853 CVE-2010-1321 ADV-2010-1882  View
70817 12853 CVE-2010-1321 ADV-2010-3112  View
70818 12853 CVE-2010-1321 ADV-2011-0134  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
35721 JVNDB-2010-001501 MIT Kerberos 5 の GSS-API ライブラリにおけるサービス運用妨害 (DoS) の脆弱性 MIT Kerberos 5 の GSS-API ライブラリにある kg_accept_krb5 関数には、不正な GSS-API トークンを適切にチェックしないため、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。 CVE-2010-1321 43901 CVE-2010-1321 12853 6.8 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001501.html 2010-05-18 2012-12-18 View