MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2010-12-02T16:00:00
Updated: 2024-08-07T01:21:18.670Z
Reserved: 2010-04-08T00:00:00
Link: CVE-2010-1324
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-12-02T16:22:20.880
Modified: 2024-11-21T01:14:08.860
Link: CVE-2010-1324
Redhat