CVE-2010-1320

MIT Kerberos <1.8.2 - Use After Free

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-1320. PoCs published by Joel Johnson.

AI-analyzed exploit summary The provided text describes a remote memory-corruption vulnerability in MIT Kerberos, exploitable via crafted ticket-renewal requests. No functional exploit code is included, only a reference to a proof-of-concept command (`kinit -R`) and a note that no code-execution exploits are known.

Description

Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Joel Johnson · textremotelinux
https://www.exploit-db.com/exploits/33855

The provided text describes a remote memory-corruption vulnerability in MIT Kerberos, exploitable via crafted ticket-renewal requests. No functional exploit code is included, only a reference to a proof-of-concept command (`kinit -R`) and a note that no code-execution exploits are known.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: MIT Kerberos
Auth required
Prerequisites: Authenticated access to the Kerberos service
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (15)

Core 15
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-940-1
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/510843/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39784
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1481
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39656
Issue Tracking x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1192
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4188
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40220
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1023904
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1001
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/39599

Scores

EPSS 0.1186
EPSS Percentile 95.6%

Details

CWE
CWE-399
Status published
Products (4)
mit/kerberos_5 1.7
mit/kerberos_5 1.7.1
mit/kerberos_5 1.8
mit/kerberos_5 1.8.1
Published Apr 22, 2010
Tracked Since Feb 18, 2026