fkie_cve-2010-0433
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2025-04-11 00:51
Severity ?
Summary
The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
References
secalert@redhat.comhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc
secalert@redhat.comhttp://cvs.openssl.org/chngview?cn=19374
secalert@redhat.comhttp://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=127128920008563&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=127557640302499&w=2
secalert@redhat.comhttp://secunia.com/advisories/39461
secalert@redhat.comhttp://secunia.com/advisories/39932
secalert@redhat.comhttp://secunia.com/advisories/42724
secalert@redhat.comhttp://secunia.com/advisories/42733
secalert@redhat.comhttp://secunia.com/advisories/43311
secalert@redhat.comhttp://www.mail-archive.com/dovecot%40dovecot.org/msg26224.html
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:076
secalert@redhat.comhttp://www.openssl.org/news/changelog.html
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2010/03/03/5
secalert@redhat.comhttp://www.securityfocus.com/archive/1/516397/100/0/threaded
secalert@redhat.comhttp://www.vmware.com/security/advisories/VMSA-2011-0003.html
secalert@redhat.comhttp://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0839
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0916
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0933
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1216
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=567711
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=569774
secalert@redhat.comhttps://kb.bluecoat.com/index?page=content&id=SA50
secalert@redhat.comhttps://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
secalert@redhat.comhttps://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12260
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6718
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9856
af854a3a-2127-422b-91ae-364da2661108http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc
af854a3a-2127-422b-91ae-364da2661108http://cvs.openssl.org/chngview?cn=19374
af854a3a-2127-422b-91ae-364da2661108http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=127128920008563&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=127557640302499&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39461
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39932
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42724
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42733
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43311
af854a3a-2127-422b-91ae-364da2661108http://www.mail-archive.com/dovecot%40dovecot.org/msg26224.html
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:076
af854a3a-2127-422b-91ae-364da2661108http://www.openssl.org/news/changelog.html
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2010/03/03/5
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/516397/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2011-0003.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0839
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0916
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0933
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1216
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=567711
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=569774
af854a3a-2127-422b-91ae-364da2661108https://kb.bluecoat.com/index?page=content&id=SA50
af854a3a-2127-422b-91ae-364da2661108https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
af854a3a-2127-422b-91ae-364da2661108https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12260
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6718
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9856
Impacted products
Vendor Product Version
openssl openssl *
openssl openssl 0.9.8
openssl openssl 0.9.8a
openssl openssl 0.9.8b
openssl openssl 0.9.8c
openssl openssl 0.9.8d
openssl openssl 0.9.8e
openssl openssl 0.9.8f
openssl openssl 0.9.8g
openssl openssl 0.9.8h
openssl openssl 0.9.8i
openssl openssl 0.9.8j
openssl openssl 0.9.8k
openssl openssl 0.9.8l


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2DC14B4-BFB1-4F37-9A6D-1488C394F500",
              "versionEndIncluding": "0.9.8m",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4E446D-B9D3-45F2-9722-B41FA14A6C31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF4EA988-FC80-4170-8933-7C6663731981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F8F53B-24A1-4877-B16E-F1917C4E4E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
              "matchCriteriaId": "75D3ACD5-905F-42BB-BE1A-8382E9D823BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*",
              "matchCriteriaId": "766EA6F2-7FA4-4713-9859-9971CCD2FDCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFBC30B7-627D-48DC-8EF0-AE8FA0C6EDBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB38AEA-BAF0-4920-9A71-747C24444770",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F33EA2B-DE15-4695-A383-7A337AC38908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
              "matchCriteriaId": "261EE631-AB43-44FE-B02A-DFAAB8D35927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0E0BBF-D0BE-41A7-B9BB-C28F01000BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1365ED-4651-4AB2-A64B-43782EA2F0E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC82690C-DCED-47BA-AA93-4D0C9E95B806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B90ED1-DAB4-4239-8AD8-87E8D568D5D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot."
    },
    {
      "lang": "es",
      "value": "La funcion kssl_keytab_is_available en ssl/kssl.c en OpenSSL before v0.9.8n, cuando Kerberos esta activo pero los ficheros de configuracion de Kerberos no pueden ser abiertos, no comprueba adecuadamente cierto valor de retorno, lo que permite a atacantes remotos producir una denegacion de servicio (desreferencia a puntero nulo y caida de demonio) a traves de la negociacion del cifrado SSL, lo que se demuestra mediante la instalacion chroot de Dovecot o stunnel sin los ficheros de configuracion de Kerberos dentro de chroot."
    }
  ],
  "id": "CVE-2010-0433",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-03-05T19:30:00.547",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://cvs.openssl.org/chngview?cn=19374"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39461"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42724"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42733"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43311"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mail-archive.com/dovecot%40dovecot.org/msg26224.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openssl.org/news/changelog.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/03/03/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0839"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0916"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0933"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1216"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567711"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=569774"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12260"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6718"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cvs.openssl.org/chngview?cn=19374"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mail-archive.com/dovecot%40dovecot.org/msg26224.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openssl.org/news/changelog.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/03/03/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=569774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6718"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9856"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.