Search for vulnerabilities
Vulnerability details: VCID-ekr2-25df-aaak
Vulnerability ID VCID-ekr2-25df-aaak
Aliases CVE-2010-0283
Summary The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-20 Improper Input Validation
CWE-617 Reachable Assertion
System Score Found at
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.03492 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04254 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.04632 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.91330 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.91330 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.91330 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
epss 0.93627 https://api.first.org/data/v1/epss?cve=CVE-2010-0283
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=556680
cvssv2 7.8 https://nvd.nist.gov/vuln/detail/CVE-2010-0283
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0283.json
https://api.first.org/data/v1/epss?cve=CVE-2010-0283
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0283
http://secunia.com/advisories/38598
http://secunia.com/advisories/39023
http://secunia.com/advisories/40220
http://securitytracker.com/id?1023593
http://support.apple.com/kb/HT4188
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt
http://www.securityfocus.com/archive/1/509553/100/0/threaded
http://www.securityfocus.com/bid/38260
http://www.ubuntu.com/usn/USN-916-1
http://www.vupen.com/english/advisories/2010/1481
556680 https://bugzilla.redhat.com/show_bug.cgi?id=556680
cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos:5-1.8:alpha:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.8:alpha:*:*:*:*:*:*
CVE-2010-0283 https://nvd.nist.gov/vuln/detail/CVE-2010-0283
GLSA-201201-13 https://security.gentoo.org/glsa/201201-13
USN-916-1 https://usn.ubuntu.com/916-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2010-0283
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.86993
EPSS Score 0.03492
Published At May 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.