Lucene search
Ubuntu.comUB:CVE-2010-1322HistoryOct 05, 2010 - 12:00 a.m.
CVE-2010-1322
2010-10-0500:00:00
ubuntu.com
ubuntu.com
12
0.887 High
EPSS
Percentile
98.7%
The merge_authdata function in kdc_authdata.c in the Key Distribution
Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not
properly manage an index into an authorization-data list, which allows
remote attackers to cause a denial of service (daemon crash), or possibly
obtain sensitive information, spoof authorization, or execute arbitrary
code, via a TGS request that triggers an uninitialized pointer dereference,
as demonstrated by a request from a Windows Active Directory client.
Related
openvas
openvas
Ubuntu Update for krb5 vulnerability USN-999-1
2010-10-19 00:00:00
Ubuntu: Security Advisory (USN-999-1)
2010-10-19 00:00:00
Fedora Update for krb5 FEDORA-2010-15803
2010-12-02 00:00:00
nessus
nessus
Fedora 14 : krb5-1.8.2-6.fc14 (2010-15803)
2010-10-15 00:00:00
openSUSE Security Update : krb5 (openSUSE-SU-2010:0709-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : krb5 (MDVSA-2010:202)
2010-10-14 00:00:00
securityvulns
securityvulns
MITKRB5-SA-2010-006 [CVE-2010-1322] KDC uninitialized pointer crash in authorization data handling
2010-10-06 00:00:00
MIT Kerberos 5 uninitialized pointer
2010-10-06 00:00:00
debiancve
debiancve
CVE-2010-1322
2010-10-07 21:00:00
ubuntu
ubuntu
Kerberos vulnerability
2010-10-05 00:00:00
prion
prion
Authorization
2010-10-07 21:00:00
redhat
redhat
(RHSA-2010:0863) Important: krb5 security update
2010-11-10 00:00:00
cvelist
cvelist
CVE-2010-1322
2010-10-07 20:21:00
fedora
fedora
[SECURITY] Fedora 14 Update: krb5-1.8.2-6.fc14
2010-10-14 14:11:34
[SECURITY] Fedora 14 Update: krb5-1.8.4-3.fc14
2011-11-16 00:32:59
cve
cve
CVE-2010-1322
2010-10-07 21:00:00
oraclelinux
oraclelinux
krb5 security update
2011-02-10 00:00:00
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2012-01-23 00:00:00