Unrated severityNVD Advisory· Published Jun 7, 2012· Updated Jun 16, 2026
CVE-2012-1012
CVE-2012-1012
Description
server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify or read string attributes by leveraging the global list privilege.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
- (no CPE)range: >=1.10, <1.10.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.