CVE-2010-0035 in Windows
Summary
by MITRE
The Key Distribution Center (KDC) in Kerberos in Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2, when a trust relationship with a non-Windows Kerberos realm exists, allows remote authenticated users to cause a denial of service (NULL pointer dereference and domain controller outage) via a crafted Ticket Granting Ticket (TGT) renewal request, aka "Kerberos Null Pointer Dereference Vulnerability."
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 04/30/2026
The vulnerability identified as CVE-2010-0035 represents a critical denial of service weakness within the Kerberos Key Distribution Center implementation across multiple Microsoft Windows server versions. This flaw specifically manifests when the KDC processes Ticket Granting Ticket renewal requests from entities that maintain trust relationships with non-Windows Kerberos realms. The vulnerability stems from inadequate input validation and error handling mechanisms within the Kerberos authentication infrastructure, creating a condition where malformed TGT renewal requests can trigger system instability.
The technical execution of this vulnerability involves a null pointer dereference condition that occurs during the processing of authenticated Kerberos requests. When a remote authenticated user submits a crafted TGT renewal request to a domain controller, the KDC fails to properly validate the incoming ticket structure before attempting to dereference pointers within the ticket data. This results in a system crash or domain controller outage, effectively rendering the authentication service unavailable to legitimate users. The vulnerability operates at the protocol level within the Kerberos authentication framework and specifically targets the KDC component responsible for issuing and validating authentication tickets.
From an operational impact perspective, this vulnerability poses significant risk to enterprise environments that rely heavily on Kerberos authentication and trust relationships with non-Windows systems. Domain controller outages caused by this vulnerability can disrupt business operations across entire organizations, particularly affecting services that depend on Windows Active Directory authentication. The attack requires only authenticated access to the Kerberos service, making it relatively accessible to insiders or attackers who have already gained some level of network credentials. The vulnerability affects Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2 systems, representing a substantial portion of legacy infrastructure still in use within many enterprises.
The mitigation strategies for this vulnerability should prioritize immediate patch deployment through Microsoft's security updates, as the flaw was addressed through official service packs and security rollups. Network segmentation and access control measures can help limit the attack surface by restricting access to Kerberos services to only trusted entities. Implementing monitoring solutions that detect unusual TGT renewal patterns or malformed Kerberos requests can provide early warning of potential exploitation attempts. Additionally, organizations should review and test their Kerberos trust relationships to ensure proper configuration and consider implementing redundant authentication mechanisms to maintain service availability during potential outages.
This vulnerability aligns with CWE-476, which describes null pointer dereference conditions in software implementations, and represents a classic example of insufficient input validation within security-critical components. The attack pattern follows techniques documented in the MITRE ATT&CK framework under the T1499 category for network denial of service, specifically targeting authentication services to disrupt legitimate user access. The vulnerability demonstrates how seemingly minor implementation flaws in core security protocols can result in catastrophic operational impacts, highlighting the critical importance of robust error handling and input validation in authentication systems. Organizations should consider this vulnerability as part of broader security hygiene practices, emphasizing the need for regular patch management and comprehensive security testing of authentication infrastructure components.