FreeBSD : krb5 -- multiple checksum handling vulnerabilities (0d57c1d9-03f4-11e0-bf50-001a926c7637)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

The MIT Kerberos team reports :

MIT krb incorrectly accepts an unkeyed checksum with DES session keys
for version 2 (RFC 4121) of the GSS-API krb5 mechanism.

An unauthenticated remote attacker can forge GSS tokens that are
intended to be integrity-protected but unencrypted, if the targeted
pre-existing application session uses a DES session key.

MIT krb5 KDC incorrectly accepts RFC 3961 key-derivation checksums
using RC4 keys when verifying the req-checksum in a KrbFastArmoredReq.

An unauthenticated remote attacker has a 1/256 chance of swapping a
client-issued KrbFastReq into a different KDC-REQ, if the armor key is
RC4. The consequences are believed to be minor.

See also :

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 51100 ()

Bugtraq ID: 45116

CVE ID: CVE-2010-1324

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now