Microsoft Kerberos Null Pointer Dereference Vulnerability
Last Update Date:
28 Jan 2011
Release Date:
10 Feb 2010
5099
Views
RISK: Medium Risk
A denial of service vulnerability exists in implementations of Kerberos. The vulnerability is due to improper handling of Ticket-Granting-Ticket renewal requests by a client on a remote, non-Windows realm in a mixed-mode Kerberos implementation. An attacker who successfully exploited this vulnerability could cause the affected Windows domain controller to stop responding.
Impact
- Denial of Service
System / Technologies affected
- Microsoft Windows 2000
- Microsoft Windows 2003
- Microsoft Windows 2008
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch
- Microsoft Windows 2000 Server Service Pack 4
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Vulnerability Identifier
Source
Related Link
Share with