Home

CVE-2010-0035

Description

The Key Distribution Center (KDC) in Kerberos in Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2, when a trust relationship with a non-Windows Kerberos realm exists, allows remote authenticated users to cause a denial of service (NULL pointer dereference and domain controller outage) via a crafted Ticket Granting Ticket (TGT) renewal request, aka Kerberos Null Pointer Dereference Vulnerability.

Risk Information

Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
40.087

Associated Vulnerability

VulnerabilityOS Platform
ms10-014: vulnerability in kerberos could allow denial of service for Windows 2000 (KB977290)Windows
ms10-014: vulnerability in kerberos could allow denial of service for Windows Server 2003 (KB977290)Windows
ms10-014: vulnerability in kerberos could allow denial of service for Windows Server 2008 (KB977290) x86 based systemsWindows
ms10-014: vulnerability in kerberos could allow denial of service for Windows Server 2003 x64 Edition (KB977290)Windows
ms10-014: vulnerability in kerberos could allow denial of service for Windows Server 2008 x64 Edition (KB977290)Windows
ms10-014: vulnerability in kerberos could allow denial of service for Windows Server 2008 x64 Edition (KB977290) for SP2Windows
ms10-014: vulnerability in kerberos could allow denial of service for Windows Server 2008 (KB977290) x86 based systems for SP2Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-8190Security Update for Windows Server 2003 (KB977290)
PATCH-8191Security Update for Windows Server 2008 (KB977290)
PATCH-8192Security Update for Windows Server 2003 x64 Edition (KB977290)
PATCH-8193Security Update for Windows Server 2008 x64 Edition (KB977290)
PATCH-8194Security Update for Windows Server 2008 x64 Edition (KB977290)
PATCH-8195Security Update for Windows Server 2008 (KB977290)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234