Vulnslist

MIT Kerberos GSS-API Library Remote Denial of Service Vulnerability

Cisco-SA-20100519-CVE-2010-1321 · Medium · Published · Updated

MIT Kerberos contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is in the GSS-API acceptor component due to lack of pointer validation. An authenticated, remote attacker could exploit the vulnerability by making a crafted request to the affected component. This action could cause the component to crash, resulting in a DoS condition. MIT has confirmed this vulnerability and released updated software. The vulnerability can be exploited only by an authenticated attacker, which somewhat reduces the threat of an attack on affected systems. Cisco Network Admission Control Guest Server may be affected if Active Directory single sign-on is enabled.

Workarounds

Administrators are advised to apply the appropriate updates.

Administrators are advised to allow only trusted users to have network access.

Administrators are advised to grant access to the affected application only to trusted users.

Cisco customers can mitigate this vulnerability by disabling Active Directory single sign-on as detailed at this link: http://www.cisco.com/en/US/docs/security/nac/guestserver/configuration_guide/20/g_sponsor.html#wp1070364

Administrators are advised to monitor affected systems.

CVEs: CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3552, CVE-2010-3553, CVE-2010-3554, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3559, CVE-2010-3560, CVE-2010-3561, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3570, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574
Cisco Bug IDs: NA
CVSS Score: Base 6.8
Base 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco Network Admission Control Guest Server

CSAF Product Statuses

| Product | Status | Source | CVE | Rows |
| --- | --- | --- | --- | --- |
| Cisco Network Admission Control Guest Server | known_affected | cisco_csaf | CVE-2010-1321 | 1 |

Related Products

| Product | CVE | Evidence |
| --- | --- | --- |
| Cisco Network Admission Control Guest Server | CVE-2010-3563 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3552 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3569 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3562 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3571 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3559 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3555 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3556 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3572 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3553 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3567 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3568 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3574 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3565 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3573 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3550 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3554 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3566 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3557 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3549 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3558 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3570 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3561 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3560 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3548 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3551 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-1321 | Cisco OpenVuln |
| Cisco Network Admission Control Guest Server | CVE-2010-3541 | Cisco OpenVuln |