Vulnerability Details : CVE-2010-4022
The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-4022
Probability of exploitation activity in the next 30 days: 13.03%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-4022
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2010-4022
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-4022
-
http://www.securitytracker.com/id?1025035
Kerberos KDC Database Propagation Daemon Input Validation Flaw Lets Remote Users Deny Service - SecurityTracker
-
http://www.redhat.com/support/errata/RHSA-2011-0200.html
Support
-
http://www.vupen.com/english/advisories/2011/0464
Webmail | OVH- OVH
-
http://www.vupen.com/english/advisories/2011/0347
Webmail | OVH- OVHVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2011:004
-
http://www.securityfocus.com/bid/46269
MIT Kerberos 'kpropd' Remote Denial Of Service Vulnerability
-
http://www.vupen.com/english/advisories/2011/0329
Webmail | OVH- OVHVendor Advisory
-
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-001.txt
Patch;Vendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:025
mandriva.com
-
http://www.securityfocus.com/archive/1/516286/100/0/threaded
SecurityFocus
-
http://www.vupen.com/english/advisories/2011/0333
Webmail | OVH- OVHVendor Advisory
-
http://securityreason.com/securityalert/8070
mit kerberos 5-1.9 kpropd denial of service - CXSecurity.com
Products affected by CVE-2010-4022
- cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*