CVE-2010-0629
published 2010-04-07CVE-2010-0629: Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | krb5 | < krb5 1.7+dfsg-1 (bookworm) | krb5 1.7+dfsg-1 (bookworm) |
| fedoraproject | fedora | — | — |
| mit | kerberos_5 | 1.5 – 1.6.3 | — |
| mit | krb5 | >= 0 < 1.7+dfsg-1 | 1.7+dfsg-1 |
| mit | krb5 | >= 0 < 1.7+dfsg-1 | 1.7+dfsg-1 |
| mit | krb5 | >= 0 < 1.7+dfsg-1 | 1.7+dfsg-1 |
| mit | krb5 | >= 0 < 1.7+dfsg-1 | 1.7+dfsg-1 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| suse | linux_enterprise | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv6.5MEDIUM