This CVE name corresponds to:
Entered | Topic |
---|---|
2010-04-19 | krb5 -- multiple denial of service vulnerabilities |
The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.
Type | Candidate |
Name | CVE-2010-0628 |
Phase | Assigned(20100212) |
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token.
Copyright © 2005 The MITRE Corporation.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright
information.