ID CVE-2010-1324
Summary MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
References
Vulnerable Configurations
  • cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 21-01-2020 - 15:46)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
oval via4
accepted 2015-04-20T04:00:13.550-04:00
class vulnerability
contributors
  • name Varun Narula
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Prashant Kumar
    organization Hewlett-Packard
  • name Mike Cokus
    organization The MITRE Corporation
description MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
family unix
id oval:org.mitre.oval:def:11936
status accepted
submitted 2011-01-31T10:14:52.000-05:00
title HP-UX Running Kerberos, Remote Unauthorized Modification.
version 50
redhat via4
advisories
rhsa
id RHSA-2010:0925
rpms
  • krb5-debuginfo-0:1.8.2-3.el6_0.3
  • krb5-devel-0:1.8.2-3.el6_0.3
  • krb5-libs-0:1.8.2-3.el6_0.3
  • krb5-pkinit-openssl-0:1.8.2-3.el6_0.3
  • krb5-server-0:1.8.2-3.el6_0.3
  • krb5-server-ldap-0:1.8.2-3.el6_0.3
  • krb5-workstation-0:1.8.2-3.el6_0.3
refmap via4
apple APPLE-SA-2011-03-21-1
bid 45116
bugtraq
  • 20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]
  • 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
confirm
fedora
  • FEDORA-2010-18409
  • FEDORA-2010-18425
hp
  • HPSBUX02623
  • SSRT100355
mandriva MDVSA-2010:246
mlist [security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
osvdb 69609
sectrack 1024803
secunia
  • 42399
  • 43015
suse
  • SUSE-SR:2010:023
  • SUSE-SR:2010:024
ubuntu USN-1030-1
vupen
  • ADV-2010-3094
  • ADV-2010-3095
  • ADV-2010-3118
  • ADV-2011-0187
Last major update 21-01-2020 - 15:46
Published 02-12-2010 - 16:22
Last modified 21-01-2020 - 15:46
Back to Top