CVE-2010-0035

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000 SP4 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2008 Gold Microsoft Windows Server 2008 SP2

Description The Key Distribution Center (KDC) in Kerberos in Microsoft Windows, when a trust relationship with a non-Windows Kerberos realm exists, allows remote authenticated users to cause a denial of service via a crafted Ticket Granting Ticket (TGT) renewal request. This can result in a NULL pointer dereference and domain controller outage.

Recommendations For Microsoft Windows 2000 SP4, update to a version that includes the fix for this issue. For Microsoft Windows Server 2003 SP2, update to a version that includes the fix for this issue. For Microsoft Windows Server 2008 Gold, update to a version that includes the fix for this issue. For Microsoft Windows Server 2008 SP2, update to a version that includes the fix for this issue.