CVE-2010-4022

Published: 10 February 2011

The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.

Priority

Medium

Status

Package Release Status
krb5
Launchpad, Ubuntu, Debian
Upstream
Released