Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2010-0628
HistoryMar 25, 2010 - 10:30 p.m.

CVE-2010-0628

2010-03-2522:30:00
mitre
web.nvd.nist.gov
36
cve-2010-0628
mit kerberos 5
spnego
gss-api
remote
denial of service
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.15

Percentile

95.8%

JSON

The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token.

Affected configurations

Nvd
Node
mitkerberos_5Match1.7
OR
mitkerberos_5Match1.7.1
OR
mitkerberos_5Match1.8
VendorProductVersionCPE
mitkerberos_51.7cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
mitkerberos_51.7.1cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
mitkerberos_51.8cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*

Related

nessus 5
debiancve 1
cvelist 1
fedora 4
ubuntucve 1
securityvulns 2
prion 1
nvd 1
openvas 10
ubuntu 1
freebsd 1
nessus
nessus
openSUSE Security Update : krb5 (krb5-2188)
2010-03-26 00:00:00
Fedora 13 : krb5-1.7.1-7.fc13 (2010-4608)
2010-07-01 00:00:00
Fedora 12 : krb5-1.7.1-6.fc12 (2010-4677)
2010-07-01 00:00:00
debiancve
debiancve
CVE-2010-0628
2010-03-25 22:30:00
cvelist
cvelist
CVE-2010-0628
2010-03-25 22:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: krb5-1.7.1-7.fc13
2010-04-01 17:19:30
[SECURITY] Fedora 12 Update: krb5-1.7.1-6.fc12
2010-03-27 00:55:38
[SECURITY] Fedora 12 Update: krb5-1.7.1-7.fc12
2010-04-21 21:58:12
ubuntucve
ubuntucve
CVE-2010-0628
2010-03-24 00:00:00
securityvulns
securityvulns
MIT Kerberos DoS
2010-03-25 00:00:00
MITKRB5-SA-2010-002 denial of service in SPNEGO [CVE-2010-0628 VU#839413]
2010-03-25 00:00:00
prion
prion
Design/Logic Flaw
2010-03-25 22:30:00
nvd
nvd
CVE-2010-0628
2010-03-25 22:30:00
openvas
openvas
Ubuntu Update for krb5 vulnerabilities USN-916-1
2010-03-31 00:00:00
Ubuntu: Security Advisory (USN-916-1)
2010-03-31 00:00:00
FreeBSD Ports: krb5
2010-04-21 00:00:00
ubuntu
ubuntu
Kerberos vulnerabilities
2010-03-23 00:00:00
freebsd
freebsd
krb5 -- multiple denial of service vulnerabilities
2010-02-16 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.15

Percentile

95.8%

JSON
Related for CVE-2010-0628
nessus5debiancve1cvelist1fedora4ubuntucve1securityvulns2prion1nvd1openvas10ubuntu1freebsd1