Skip to main content

Microsoft Kerberos Null Pointer Dereference Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 10 Feb 2010 5264 Views

RISK: Medium Risk

A denial of service vulnerability exists in implementations of Kerberos. The vulnerability is due to improper handling of Ticket-Granting-Ticket renewal requests by a client on a remote, non-Windows realm in a mixed-mode Kerberos implementation. An attacker who successfully exploited this vulnerability could cause the affected Windows domain controller to stop responding.