Vulnerability details: VCID-sx8k-hvvg-aaac
Vulnerability ID VCID-sx8k-hvvg-aaac
Aliases CVE-2010-4022
Summary The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2011:0200
epss 0.07098 https://api.first.org/data/v1/epss?cve=CVE-2010-4022
epss 0.08652 https://api.first.org/data/v1/epss?cve=CVE-2010-4022
epss 0.13456 https://api.first.org/data/v1/epss?cve=CVE-2010-4022
epss 0.14267 https://api.first.org/data/v1/epss?cve=CVE-2010-4022
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=664009
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2010-4022
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4022.json
https://api.first.org/data/v1/epss?cve=CVE-2010-4022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4022
http://secunia.com/advisories/43260
http://secunia.com/advisories/43275
http://securityreason.com/securityalert/8070
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-001.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2011:025
http://www.redhat.com/support/errata/RHSA-2011-0200.html
http://www.securityfocus.com/archive/1/516286/100/0/threaded
http://www.securityfocus.com/bid/46269
http://www.securitytracker.com/id?1025035
http://www.vupen.com/english/advisories/2011/0329
http://www.vupen.com/english/advisories/2011/0333
http://www.vupen.com/english/advisories/2011/0347
http://www.vupen.com/english/advisories/2011/0464
664009 https://bugzilla.redhat.com/show_bug.cgi?id=664009
cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
CVE-2010-4022 https://nvd.nist.gov/vuln/detail/CVE-2010-4022
GLSA-201201-13 https://security.gentoo.org/glsa/201201-13
RHSA-2011:0200 https://access.redhat.com/errata/RHSA-2011:0200
USN-1062-1 https://usn.ubuntu.com/1062-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2010-4022
Exploit Prediction Scoring System (EPSS)
Percentile 0.93923
EPSS Score 0.07098
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.