Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-1320. PoCs published by Joel Johnson.
AI-analyzed exploit summary The provided text describes a remote memory-corruption vulnerability in MIT Kerberos, exploitable via crafted ticket-renewal requests. No functional exploit code is included, only a reference to a proof-of-concept command (`kinit -R`) and a note that no code-execution exploits are known.
Description
Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation.
Exploits (1)
The provided text describes a remote memory-corruption vulnerability in MIT Kerberos, exploitable via crafted ticket-renewal requests. No functional exploit code is included, only a reference to a proof-of-concept command (`kinit -R`) and a note that no code-execution exploits are known.