{"id":"CVE-2010-0629","details":"Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.","modified":"2025-08-09T19:01:27Z","published":"2010-04-07T15:30:00Z","references":[{"type":"ADVISORY","url":"http://krbdev.mit.edu/rt/Ticket/Display.html?id=5998"},{"type":"ADVISORY","url":"http://secunia.com/advisories/39264"},{"type":"ADVISORY","url":"http://secunia.com/advisories/39290"},{"type":"ADVISORY","url":"http://secunia.com/advisories/39315"},{"type":"ADVISORY","url":"http://secunia.com/advisories/39324"},{"type":"ADVISORY","url":"http://secunia.com/advisories/39367"},{"type":"WEB","url":"http://securitytracker.com/id?1023821"},{"type":"ADVISORY","url":"http://ubuntu.com/usn/usn-924-1"},{"type":"FIX","url":"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:071"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/510566/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/bid/39247"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/0876"},{"type":"REPORT","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038556.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html"},{"type":"ARTICLE","url":"http://www.debian.org/security/2010/dsa-2031"},{"type":"WEB","url":"http://www.redhat.com/support/errata/RHSA-2010-0343.html"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9489"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}