Description
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
CVSS breakdown
CVSS 3.0
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None
Affected products
- MIT / Kerberos 51.7 – 1.7
- MIT / Kerberos 51.7.1 – 1.7.1
- MIT / Kerberos 51.8 – 1.8
- MIT / Kerberos 51.8.1 – 1.8.1
- MIT / Kerberos 51.8.2 – 1.8.2
- MIT / Kerberos 51.8.3 – 1.8.3
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/3094
- VENDOR_ADVISORYhttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:246
- MAILING_LISThttp://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html
- VENDOR_ADVISORYhttp://kb.vmware.com/kb/1035108
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/3118
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2011/0187
- MISChttp://www.securityfocus.com/archive/1/514953/100/0/threaded
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
- VENDOR_ADVISORYhttp://www.vmware.com/security/advisories/VMSA-2011-0007.html
- MAILING_LISThttp://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
- MISChttp://osvdb.org/69609
- MAILING_LISThttp://marc.info/?l=bugtraq&m=129562442714657&w=2
- VENDOR_ADVISORYhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt
- MAILING_LISThttp://marc.info/?l=bugtraq&m=129562442714657&w=2
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/3095
- VENDOR_ADVISORYhttp://secunia.com/advisories/42399
- MISChttp://www.securityfocus.com/bid/45116
- MAILING_LISThttp://lists.vmware.com/pipermail/security-announce/2011/000133.html
- MISChttp://www.securitytracker.com/id?1024803
- MISChttp://www.securityfocus.com/archive/1/517739/100/0/threaded
- MAILING_LISThttp://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
- MISChttp://www.redhat.com/support/errata/RHSA-2010-0925.html
- VENDOR_ADVISORYhttp://www.ubuntu.com/usn/USN-1030-1
- VENDOR_ADVISORYhttp://secunia.com/advisories/43015
- VENDOR_ADVISORYhttp://support.apple.com/kb/HT4581