CVE-2010-0035

2010-02-1018:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2010-0035

key distribution center

kerberos

microsoft windows

denial of service

remote authenticated users

null pointer dereference

domain controller outage

6 Medium

AI Score

Confidence

Low

6.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON

The Key Distribution Center (KDC) in Kerberos in Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2, when a trust relationship with a non-Windows Kerberos realm exists, allows remote authenticated users to cause a denial of service (NULL pointer dereference and domain controller outage) via a crafted Ticket Granting Ticket (TGT) renewal request, aka “Kerberos Null Pointer Dereference Vulnerability.”

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_server_2008microsoft windows server 2008eq*
microsoft:windows_server_2003microsoft windows server 2003eq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_server_2008	microsoft windows server 2008	eq	*
microsoft:windows_server_2003	microsoft windows server 2003	eq	*