// For flags

CVE-2010-1324

krb5: multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007)

Severity Score

3.7
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.

MIT Kerberos 5 (también conocido como krb5) v1.7.x y v1.8.x hasta v1.8.3 no determina correctamente la aceptabilidad de las sumas de comprobación, lo que podría permitir a un atacante remoto falsificar GSS tokens, ganar privilegios, o tener otro impacto no especificado mediante (1) una suma de comprobación sin clave, (2) una suma de comprobación PAC sin clave o (3) una suma de comprobación KrbFastArmoredReq basada en una clave de RC4.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-04-08 CVE Reserved
  • 2010-12-01 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-310: Cryptographic Issues
CAPEC
References (29)
URL Tag Source
http://kb.vmware.com/kb/1035108 X_refsource_confirm
http://lists.vmware.com/pipermail/security-announce/2011/000133.html Mailing List
http://osvdb.org/69609 Vdb Entry
http://secunia.com/advisories/43015 Third Party Advisory
http://support.apple.com/kb/HT4581 X_refsource_confirm
http://www.securityfocus.com/archive/1/514953/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/517739/100/0/threaded Mailing List
http://www.securityfocus.com/bid/45116 Vdb Entry
http://www.securitytracker.com/id?1024803 Vdb Entry
http://www.vmware.com/security/advisories/VMSA-2011-0007.html X_refsource_confirm
http://www.vupen.com/english/advisories/2010/3094 Vdb Entry
http://www.vupen.com/english/advisories/2010/3095 Vdb Entry
http://www.vupen.com/english/advisories/2010/3118 Vdb Entry
http://www.vupen.com/english/advisories/2011/0187 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936 Signature
URL Date SRC
URL Date SRC
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html 2020-01-21
URL Date SRC
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html 2020-01-21
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html 2020-01-21
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html 2020-01-21
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html 2020-01-21
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html 2020-01-21
http://marc.info/?l=bugtraq&m=129562442714657&w=2 2020-01-21
http://secunia.com/advisories/42399 2020-01-21
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt 2020-01-21
http://www.mandriva.com/security/advisories?name=MDVSA-2010:246 2020-01-21
http://www.redhat.com/support/errata/RHSA-2010-0925.html 2020-01-21
http://www.ubuntu.com/usn/USN-1030-1 2020-01-21
https://access.redhat.com/security/cve/CVE-2010-1324 2010-11-30
https://bugzilla.redhat.com/show_bug.cgi?id=648674 2010-11-30
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.7
Search vendor "Mit" for product "Kerberos 5" and version "1.7"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.7.1
Search vendor "Mit" for product "Kerberos 5" and version "1.7.1"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.8
Search vendor "Mit" for product "Kerberos 5" and version "1.8"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.8.1
Search vendor "Mit" for product "Kerberos 5" and version "1.8.1"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.8.2
Search vendor "Mit" for product "Kerberos 5" and version "1.8.2"
-
Affected
Mit
Search vendor "Mit"
 Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
 1.8.3
Search vendor "Mit" for product "Kerberos 5" and version "1.8.3"
-
Affected