MIT Kerberos 'src/kdc/do_tgs_req.c' Ticket Renewal Double Free Memory Corruption Vulnerability

Bugtraq ID: 39599
Class: Design Error
CVE: CVE-2010-1320
Remote: Yes
Local: No
Published: Apr 20 2010 12:00AM
Updated: Jan 23 2012 11:00PM
Credit: Joel Johnson
Vulnerable: Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
S.u.S.E. openSUSE 11.2
Red Hat Fedora 13
Red Hat Fedora 12
MIT Kerberos 5 1.8.1
MIT Kerberos 5 1.7.2
MIT Kerberos 5 1.7.1
MIT Kerberos 5 1.8
MIT Kerberos 5 1.7
Gentoo Linux
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.2
Apple Mac OS X Server 10.6.1
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.3
Apple Mac OS X 10.6.2
Apple Mac OS X 10.6.1
Apple Mac OS X 10.6
Not Vulnerable: MIT Kerberos 5 1.8.2
Apple Mac OS X Server 10.6.4
Apple Mac OS X 10.6.4


 

Privacy Statement
Copyright 2010, SecurityFocus