Medium severity6.5NVD Advisory· Published Apr 7, 2010· Updated Apr 29, 2026

CVE-2010-0629

Description

Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.

Affected products

Mit/Kerberos 5
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
Range: >=1.5,<=1.6.3
Canonical (company)/Ubuntu Linux3 versions
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
Fedoraproject/Fedora
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise
cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txtnvdPatchVendor Advisory
www.securityfocus.com/bid/39247nvdBroken LinkPatchThird Party AdvisoryVDB Entry
bugs.debian.org/cgi-bin/bugreport.cginvdExploitIssue TrackingMailing List
krbdev.mit.edu/rt/Ticket/Display.htmlnvdVendor Advisory
securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
ubuntu.com/usn/usn-924-1nvdThird Party Advisory
www.securityfocus.com/archive/1/510566/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
lists.fedoraproject.org/pipermail/package-announce/2010-April/038556.htmlnvdMailing List
lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.htmlnvdMailing List
secunia.com/advisories/39264nvdBroken Link
secunia.com/advisories/39290nvdBroken Link
secunia.com/advisories/39315nvdBroken Link
secunia.com/advisories/39324nvdBroken Link
secunia.com/advisories/39367nvdBroken Link
www.debian.org/security/2010/dsa-2031nvdMailing List
www.mandriva.com/security/advisoriesnvdBroken Link
www.redhat.com/support/errata/RHSA-2010-0343.htmlnvdBroken Link
www.vupen.com/english/advisories/2010/0876nvdBroken Link
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9489nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000