QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-1321

Back to search

CVE-2010-1321

Published: May 19, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.

VendorProductVersions

n/a

n/a

affected
n/a

References

SUSE-SU-2012:0042
vendor-advisory
x_refsource_SUSE
39818
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0134
vdb-entry
x_refsource_VUPEN
39784
third-party-advisory
x_refsource_SECUNIA
USN-940-1
vendor-advisory
x_refsource_UBUNTU
HPSBMU02799
vendor-advisory
x_refsource_HP
MDVSA-2010:100
vendor-advisory
x_refsource_MANDRIVA
TA11-201A
third-party-advisory
x_refsource_CERT
FEDORA-2010-8749
vendor-advisory
x_refsource_FEDORA
RHSA-2010:0770
vendor-advisory
x_refsource_REDHAT
40685
third-party-advisory
x_refsource_SECUNIA
40235
vdb-entry
x_refsource_BID
FEDORA-2010-8796
vendor-advisory
x_refsource_FEDORA
ADV-2010-1574
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:7198
vdb-entry
signature
x_refsource_OVAL
ADV-2010-1192
vdb-entry
x_refsource_VUPEN
39799
third-party-advisory
x_refsource_SECUNIA
ADV-2010-1196
vdb-entry
x_refsource_VUPEN
SUSE-SR:2010:013
vendor-advisory
x_refsource_SUSE
SSRT100107
vendor-advisory
x_refsource_HP
39849
third-party-advisory
x_refsource_SECUNIA
RHSA-2010:0987
vendor-advisory
x_refsource_REDHAT
44954
third-party-advisory
x_refsource_SECUNIA
USN-940-2
vendor-advisory
x_refsource_UBUNTU
42432
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:7450
vdb-entry
signature
x_refsource_OVAL
39762
third-party-advisory
x_refsource_SECUNIA
RHSA-2011:0880
vendor-advisory
x_refsource_REDHAT
SUSE-SU-2012:0010
vendor-advisory
x_refsource_SUSE
RHSA-2010:0873
vendor-advisory
x_refsource_REDHAT
SUSE-SR:2010:014
vendor-advisory
x_refsource_SUSE
HPSBUX02544
vendor-advisory
x_refsource_HP
ADV-2010-1177
vdb-entry
x_refsource_VUPEN
42974
third-party-advisory
x_refsource_SECUNIA
ADV-2010-3112
vdb-entry
x_refsource_VUPEN
FEDORA-2010-8805
vendor-advisory
x_refsource_FEDORA
TA10-287A
third-party-advisory
x_refsource_CERT
43335
third-party-advisory
x_refsource_SECUNIA
DSA-2052
vendor-advisory
x_refsource_DEBIAN
RHSA-2010:0423
vendor-advisory
x_refsource_REDHAT
SUSE-SR:2010:019
vendor-advisory
x_refsource_SUSE
ADV-2010-1882
vdb-entry
x_refsource_VUPEN
RHSA-2011:0152
vendor-advisory
x_refsource_REDHAT
40346
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:11604
vdb-entry
signature
x_refsource_OVAL
41967
third-party-advisory
x_refsource_SECUNIA
RHSA-2010:0807
vendor-advisory
x_refsource_REDHAT
RHSA-2010:0935
vendor-advisory
x_refsource_REDHAT
64744
vdb-entry
x_refsource_OSVDB
ADV-2010-1222
vdb-entry
x_refsource_VUPEN
ADV-2010-1193
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now