Lucene search

PRIOn knowledge basePRION:CVE-2010-4022

HistoryFeb 10, 2011 - 6:00 p.m.

Code injection

2011-02-1018:00:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.13 Low

EPSS

Percentile

95.4%

JSON

The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process “exits abnormally,” which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.

CPENameOperatorVersion
kerberos_5eq1.7
kerberos_5eq1.8
kerberos_5eq1.9

Name	Operator	Version
kerberos_5	eq	1.7
kerberos_5	eq	1.8
kerberos_5	eq	1.9

References

lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html

secunia.com/advisories/43260

secunia.com/advisories/43275

securityreason.com/securityalert/8070

web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-001.txt

www.mandriva.com/security/advisories?name=MDVSA-2011:025

www.redhat.com/support/errata/RHSA-2011-0200.html

www.securityfocus.com/archive/1/516286/100/0/threaded

www.securityfocus.com/bid/46269

www.securitytracker.com/id?1025035

www.vupen.com/english/advisories/2011/0329

www.vupen.com/english/advisories/2011/0333

www.vupen.com/english/advisories/2011/0347

www.vupen.com/english/advisories/2011/0464

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.13 Low

EPSS

Percentile

95.4%

JSON

Related for PRION:CVE-2010-4022