CVE-2010-1322
published 2010-10-07CVE-2010-1322: The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an…
PriorityP433medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EPSS
3.04%
85.9th percentile
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | krb5 | < krb5 1.8.3+dfsg-2 (bookworm) | krb5 1.8.3+dfsg-2 (bookworm) |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | krb5 | >= 0 < 1.8.3+dfsg-2 | 1.8.3+dfsg-2 |
| mit | krb5 | >= 0 < 1.8.3+dfsg-2 | 1.8.3+dfsg-2 |
| mit | krb5 | >= 0 < 1.8.3+dfsg-2 | 1.8.3+dfsg-2 |
| mit | krb5 | >= 0 < 1.8.3+dfsg-2 | 1.8.3+dfsg-2 |
CVSS provenance
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
krb5: KDC uninitialized pointer crash in authorization data handling (MITKRB5-SA-2010-006)
vendor_redhat·2010-10-05·CVSS 6.5
CVE-2010-1322 [MEDIUM] krb5: KDC uninitialized pointer crash in authorization data handling (MITKRB5-SA-2010-006)
krb5: KDC uninitialized pointer crash in authorization data handling (MITKRB5-SA-2010-006)
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
Statement: This issue did not affect Red Hat Enterprise Linux 3, 4, or 5. It was addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2010-0863.html.
Package: krb5 (Red Hat Enter
Ubuntu
Kerberos vulnerability
vendor_ubuntu·2010-10-05
CVE-2010-1322 Kerberos vulnerability
Title: Kerberos vulnerability
Summary: Remote authenticated users could crash the KDC.
Mike Roszkowski discovered that the Kerberos KDC did not correctly
validate the contents of certain messages. If an authenticated remote
attacker sent specially crafted TGS requests, the KDC service would crash,
leading to a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2010-1322: krb5 - The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KD...
vendor_debian·2010·CVSS 6.5
CVE-2010-1322 [MEDIUM] CVE-2010-1322: krb5 - The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KD...
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
Scope: local
bookworm: resolved (fixed in 1.8.3+dfsg-2)
bullseye: resolved (fixed in 1.8.3+dfsg-2)
forky: resolved (fixed in 1.8.3+dfsg-2)
sid: resolved (fixed in 1.8.3+dfsg-2)
trixie: resolved (fixed in 1.8.3+dfsg-2)
GHSA
GHSA-x582-whcx-rpqp: The merge_authdata function in kdc_authdata
ghsa_unreviewed·2022-05-02
CVE-2010-1322 [MEDIUM] CWE-20 GHSA-x582-whcx-rpqp: The merge_authdata function in kdc_authdata
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
OSV
CVE-2010-1322: The merge_authdata function in kdc_authdata
osv·2010-10-07·CVSS 6.5
CVE-2010-1322 [MEDIUM] CVE-2010-1322: The merge_authdata function in kdc_authdata
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-006.txthttp://www.mandriva.com/security/advisories?name=MDVSA-2010:202http://www.redhat.com/support/errata/RHSA-2010-0863.htmlhttp://www.securityfocus.com/archive/1/514144/100/0/threadedhttp://www.securityfocus.com/bid/43756http://www.ubuntu.com/usn/USN-999-1http://www.vupen.com/english/advisories/2010/2865http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-006.txthttp://www.mandriva.com/security/advisories?name=MDVSA-2010:202http://www.redhat.com/support/errata/RHSA-2010-0863.htmlhttp://www.securityfocus.com/archive/1/514144/100/0/threadedhttp://www.securityfocus.com/bid/43756http://www.ubuntu.com/usn/USN-999-1http://www.vupen.com/english/advisories/2010/2865
2010-10-07
Published