CVE-2010-1324

MEDIUM

Description

MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.

References

http://kb.vmware.com/kb/1035108

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

http://lists.vmware.com/pipermail/security-announce/2011/000133.html

http://marc.info/?l=bugtraq&m=129562442714657&w=2

http://osvdb.org/69609

http://secunia.com/advisories/42399

http://secunia.com/advisories/43015

http://support.apple.com/kb/HT4581

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt

http://www.mandriva.com/security/advisories?name=MDVSA-2010:246

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.redhat.com/support/errata/RHSA-2010-0925.html

http://www.securityfocus.com/archive/1/514953/100/0/threaded

http://www.securityfocus.com/archive/1/517739/100/0/threaded

http://www.securityfocus.com/bid/45116

http://www.securitytracker.com/id?1024803

http://www.ubuntu.com/usn/USN-1030-1

http://www.vmware.com/security/advisories/VMSA-2011-0007.html

http://www.vupen.com/english/advisories/2010/3094

http://www.vupen.com/english/advisories/2010/3095

http://www.vupen.com/english/advisories/2010/3118

http://www.vupen.com/english/advisories/2011/0187

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936

Details

Source: MITRE

Published: 2010-12-02

Updated: 2018-10-10

Type: CWE-310

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Impact Score: 1.4

Exploitability Score: 2.2

Severity: LOW

Tenable Plugins

View all (24 total)

ID	Name	Product	Family	Severity
89676	VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0007) (remote check)	Nessus	Misc.	high
84795	Oracle Secure Global Desktop Multiple Vulnerabilities (July 2015 CPU)	Nessus	Misc.	high
80653	Oracle Solaris Third-Party Patch Update : kerberos (cve_2010_1322_improper_input)	Nessus	Solaris Local Security Checks	high
75559	openSUSE Security Update : krb5 (openSUSE-SU-2010:1053-1)	Nessus	SuSE Local Security Checks	medium
68152	Oracle Linux 4 / 5 : krb5 (ELSA-2010-0926)	Nessus	Oracle Linux Local Security Checks	medium
57655	GLSA-201201-13 : MIT Kerberos 5: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
53742	openSUSE Security Update : krb5 (openSUSE-SU-2010:1053-1)	Nessus	SuSE Local Security Checks	medium
53672	openSUSE Security Update : krb5 (openSUSE-SU-2010:1053-1)	Nessus	SuSE Local Security Checks	medium
53592	VMSA-2011-0007 : VMware ESXi and ESX Denial of Service and third-party updates for Likewise components and ESX Service Console	Nessus	VMware ESX Local Security Checks	high
52754	Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
800796	Mac OS X 10.6 < 10.6.7 Multiple Vulnerabilities	Log Correlation Engine	Operating System Detection	high
5826	Mac OS X 10.6 < 10.6.7 Multiple Vulnerabilities	Nessus Network Monitor	Generic	critical
51659	HP-UX PHSS_41775 : HP-UX Running Kerberos, Remote Unauthorized Modification (HPSBUX02623 SSRT100355 rev.1)	Nessus	HP-UX Local Security Checks	medium
51159	SuSE 10 Security Update : krb5 (ZYPP Patch Number 7243)	Nessus	SuSE Local Security Checks	medium
51116	Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : krb5 vulnerabilities (USN-1030-1)	Nessus	Ubuntu Local Security Checks	medium
51104	FreeBSD : krb5 -- unkeyed PAC checksum handling vulnerability (9f971cea-03f5-11e0-bf50-001a926c7637)	Nessus	FreeBSD Local Security Checks	medium
51100	FreeBSD : krb5 -- multiple checksum handling vulnerabilities (0d57c1d9-03f4-11e0-bf50-001a926c7637)	Nessus	FreeBSD Local Security Checks	medium
51099	Fedora 13 : krb5-1.7.1-16.fc13 (2010-18425)	Nessus	Fedora Local Security Checks	medium
51083	Fedora 14 : krb5-1.8.2-7.fc14 (2010-18409)	Nessus	Fedora Local Security Checks	medium
50974	SuSE 11 / 11.1 Security Update : krb5 (SAT Patch Numbers 3547 / 3549)	Nessus	SuSE Local Security Checks	medium
50863	CentOS 4 / 5 : krb5 (CESA-2010:0926)	Nessus	CentOS Local Security Checks	medium
50853	RHEL 4 / 5 : krb5 (RHSA-2010:0926)	Nessus	Red Hat Local Security Checks	medium
50852	RHEL 6 : krb5 (RHSA-2010:0925)	Nessus	Red Hat Local Security Checks	medium
50849	Mandriva Linux Security Advisory : krb5 (MDVSA-2010:246)	Nessus	Mandriva Local Security Checks	medium