Search for vulnerabilities
Vulnerability details: VCID-hyb8-a9fd-aaan
Vulnerability ID VCID-hyb8-a9fd-aaan
Aliases CVE-2010-0628
Summary The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token.
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-617 Reachable Assertion
System Score Found at
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01037 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.01772 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.11179 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.11179 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.11179 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
epss 0.14967 https://api.first.org/data/v1/epss?cve=CVE-2010-0628
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2010-0628
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0628.json
https://api.first.org/data/v1/epss?cve=CVE-2010-0628
https://bugzilla.redhat.com/show_bug.cgi?id=566258
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0628
http://secunia.com/advisories/39023
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-002.txt
http://www.kb.cert.org/vuls/id/839413
http://www.securityfocus.com/archive/1/510281/100/0/threaded
http://www.securityfocus.com/bid/38904
http://www.ubuntu.com/usn/USN-916-1
575740 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575740
cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
CVE-2010-0628 https://nvd.nist.gov/vuln/detail/CVE-2010-0628
USN-916-1 https://usn.ubuntu.com/916-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2010-0628
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.75402
EPSS Score 0.01037
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.