Unrated severity · NVD Advisory · Published Mar 5, 2010 · Updated Apr 29, 2026
CVE-2010-0433
Description
The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
Affected products
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* (range: <=0.9.8m)
- cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
References
- aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc (nvd)
- cvs.openssl.org/chngview (nvd)
- groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7 (nvd)
- lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html (nvd)
- lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html (nvd)
- marc.info (nvd)
- marc.info (nvd)
- secunia.com/advisories/39461 (nvd)
- secunia.com/advisories/39932 (nvd)
- secunia.com/advisories/42724 (nvd)
- secunia.com/advisories/42733 (nvd)
- secunia.com/advisories/43311 (nvd)
- www.mail-archive.com/dovecot%40dovecot.org/msg26224.html (nvd)
- www.mandriva.com/security/advisories (nvd)
- www.openssl.org/news/changelog.html (nvd)
- www.openwall.com/lists/oss-security/2010/03/03/5 (nvd)
- www.securityfocus.com/archive/1/516397/100/0/threaded (nvd)
- www.vmware.com/security/advisories/VMSA-2011-0003.html (nvd)
- www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (nvd)
- www.vupen.com/english/advisories/2010/0839 (nvd)
- www.vupen.com/english/advisories/2010/0916 (nvd)
- www.vupen.com/english/advisories/2010/0933 (nvd)
- www.vupen.com/english/advisories/2010/1216 (nvd)
- bugzilla.redhat.com/show_bug.cgi (nvd)
- bugzilla.redhat.com/show_bug.cgi (nvd)
- kb.bluecoat.com/index (nvd)
- lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html (nvd)
- lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12260 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6718 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9856 (nvd)