{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T07:53:34.572","vulnerabilities":[{"cve":{"id":"CVE-2010-1320","sourceIdentifier":"cve@mitre.org","published":"2010-04-22T14:30:01.040","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation."},{"lang":"es","value":"Una doble vulnerabilidad en do_tgs_req.c en el Centro de distribución de claves (KDC) en MIT Kerberos 5 (también conocido como krb5) versiones v1.7.x y v1.8.x antes de v1.8.2 permite a los usuarios remotos autenticados causar una denegación de servicio (con caída del demonio) o posiblemente ejecutar código arbitrario mediante una petición asociada con una (1) renovación o (2) validación."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-399"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*","matchCriteriaId":"DFB1190E-BE7A-4C6B-862D-D5747C64E980"},{"vulnerable":true,"criteria":"cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*","matchCriteriaId":"4B09C090-B842-43C7-B8A6-DBF63D80FEC3"},{"vulnerable":true,"criteria":"cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*","matchCriteriaId":"36823B2B-5C72-4FF3-9301-FB263EB8CE09"},{"vulnerable":true,"criteria":"cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*","matchCriteriaId":"59AFA33E-FEBC-45F5-9EC6-8AA363163FB5"}]}]}],"references":[{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490","source":"cve@mitre.org"},{"url":"http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html","source":"cve@mitre.org"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/39656","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/39784","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/40220","source":"cve@mitre.org"},{"url":"http://securitytracker.com/id?1023904","source":"cve@mitre.org"},{"url":"http://support.apple.com/kb/HT4188","source":"cve@mitre.org"},{"url":"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/510843/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/39599","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.ubuntu.com/usn/USN-940-1","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2010/1001","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2010/1192","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2010/1481","source":"cve@mitre.org"},{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/39656","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/39784","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/40220","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securitytracker.com/id?1023904","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://support.apple.com/kb/HT4188","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/510843/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/39599","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.ubuntu.com/usn/USN-940-1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/1001","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/1192","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/1481","source":"af854a3a-2127-422b-91ae-364da2661108"}],"vendorComments":[{"organization":"Red Hat","comment":"Not vulnerable. This issue did not affect the versions of krb5 as shipped with Red Hat Enterprise Linux 3, 4, or 5.","lastModified":"2010-04-22T00:00:00"}]}}]}