Unrated severityNVD Advisory· Published May 19, 2010· Updated Apr 29, 2026
CVE-2010-1321
CVE-2010-1321
Description
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.
Affected products
19cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:-:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
59- web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txtnvdPatchVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2010-May/041615.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2010-May/041645.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.htmlnvdMailing ListThird Party Advisory
- marc.infonvdIssue TrackingThird Party Advisory
- secunia.com/advisories/39762nvdThird Party Advisory
- secunia.com/advisories/39784nvdThird Party Advisory
- secunia.com/advisories/39799nvdThird Party Advisory
- secunia.com/advisories/39818nvdThird Party Advisory
- secunia.com/advisories/39849nvdThird Party Advisory
- secunia.com/advisories/40346nvdThird Party Advisory
- secunia.com/advisories/40685nvdThird Party Advisory
- secunia.com/advisories/41967nvdThird Party Advisory
- secunia.com/advisories/42432nvdThird Party Advisory
- secunia.com/advisories/42974nvdThird Party Advisory
- secunia.com/advisories/43335nvdThird Party Advisory
- secunia.com/advisories/44954nvdThird Party Advisory
- support.avaya.com/css/P8/documents/100114315nvdThird Party Advisory
- www.debian.org/security/2010/dsa-2052nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpujan2011-194091.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpujuly2011-313328.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpuoct2010-175626.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0423.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0770.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0807.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0873.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0935.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0987.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2011-0152.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2011-0880.htmlnvdThird Party Advisory
- www.securityfocus.com/archive/1/511331/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/516397/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/40235nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-940-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-940-2nvdThird Party Advisory
- www.us-cert.gov/cas/techalerts/TA10-287A.htmlnvdThird Party AdvisoryUS Government Resource
- www.us-cert.gov/cas/techalerts/TA11-201A.htmlnvdThird Party AdvisoryUS Government Resource
- www.vmware.com/security/advisories/VMSA-2011-0003.htmlnvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1177nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1192nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1193nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1196nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1222nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1574nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1882nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/3112nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0134nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11604nvdBroken LinkThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7198nvdBroken LinkThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7450nvdBroken LinkThird Party Advisory
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdBroken Link
- osvdb.org/64744nvdBroken Link
News mentions
0No linked articles in our index yet.