{ "threat_severity" : "Important", "public_date" : "2010-10-05T00:00:00Z", "bugzilla" : { "description" : "krb5: KDC uninitialized pointer crash in authorization data handling (MITKRB5-SA-2010-006)", "id" : "636335", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=636335" }, "cvss" : { "cvss_base_score" : "6.5", "cvss_scoring_vector" : "AV:N/AC:L/Au:S/C:P/I:P/A:P", "status" : "verified" }, "details" : [ "The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client." ], "statement" : "This issue did not affect Red Hat Enterprise Linux 3, 4, or 5. It was addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2010-0863.html.", "acknowledgement" : "Red Hat would like to thank MIT Kerberos Team for reporting this issue. Upstream acknowledges Mike Roszkowski as the original reporter.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2010-11-10T00:00:00Z", "advisory" : "RHSA-2010:0863", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "krb5-0:1.8.2-3.el6_0.1" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 4", "fix_state" : "Not affected", "package_name" : "krb5", "cpe" : "cpe:/o:redhat:enterprise_linux:4" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "krb5", "cpe" : "cpe:/o:redhat:enterprise_linux:5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2010-1322\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-1322" ], "name" : "CVE-2010-1322", "csaw" : false }