CVE-2010-1320

MIT Kerberos <1.8.2 - Use After Free

Title source: llm
STIX 2.1

Description

Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Joel Johnson · textremotelinux
https://www.exploit-db.com/exploits/33855

References (15)

Core 15
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-940-1
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/510843/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39784
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1481
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39656
Issue Tracking x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1192
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4188
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40220
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1023904
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1001
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/39599

Scores

EPSS 0.2207
EPSS Percentile 95.9%

Details

CWE
CWE-399
Status published
Products (4)
mit/kerberos_5 1.7
mit/kerberos_5 1.7.1
mit/kerberos_5 1.8
mit/kerberos_5 1.8.1
Published Apr 22, 2010
Tracked Since Feb 18, 2026