CVE-2010-1324
published 2010-12-02CVE-2010-1324: MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge…
PriorityP421low3.7CVSS 3.0
AVNACHPRNUINSUCNILAN
EPSS
2.25%
80.7th percentile
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | krb5 | < krb5 1.8.3+dfsg-3 (bookworm) | krb5 1.8.3+dfsg-3 (bookworm) |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | krb5 | >= 0 < 1.8.3+dfsg-3 | 1.8.3+dfsg-3 |
| mit | krb5 | >= 0 < 1.8.3+dfsg-3 | 1.8.3+dfsg-3 |
| mit | krb5 | >= 0 < 1.8.3+dfsg-3 | 1.8.3+dfsg-3 |
| mit | krb5 | >= 0 < 1.8.3+dfsg-3 | 1.8.3+dfsg-3 |
| vmware | vmware_esxi | — | — |
| vmware | vmware_workstation | — | — |
CVSS provenance
nvdv3.03.7LOWCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv3.7LOW
vendor_debian3.7LOW
vendor_redhat3.7LOW
vendor_ubuntu3.7LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VMware
VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
vendor_vmware·2011-04-28·CVSS 7.8
CVE-2010-1323 [HIGH] VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
VMSA-2011-0007: VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
a. ESX/ESXi Socket Exhaustion By sending malicious network traffic to an ESXi or ESX host an attacker could exhaust the available sockets which would prevent further connections to the host. In the event a host becomes inaccessible its virtual machines will continue to run and have network connectivity but a reboot of the ESXi or ESX host may be required in order to be able to connect to the host again. ESXi and ESX hosts may intermittently lose connectivity caused by applications that do not correctly close sockets. If this occurs an error message similar to the following may be written to the vpxa log: socket() returns -1 (Cannot allocate memory) An error message
Ubuntu
Kerberos vulnerabilities
vendor_ubuntu·2010-12-09·CVSS 3.7
CVE-2010-1323 [LOW] Kerberos vulnerabilities
Title: Kerberos vulnerabilities
It was discovered that Kerberos did not properly determine the
acceptability of certain checksums. A remote attacker could use certain
checksums to alter the prompt message, modify a response to a Key
Distribution Center (KDC) or forge a KRB-SAFE message. (CVE-2010-1323)
It was discovered that Kerberos did not properly determine the
acceptability of certain checksums. A remote attacker could use certain
checksums to forge GSS tokens or gain privileges. This issue only affected
Ubuntu 9.10, 10.04 LTS and 10.10. (CVE-2010-1324)
It was discovered that Kerberos did not reject RC4 key-derivation
checksums. An authenticated remote user could use this issue to forge
AD-SIGNEDPATH or AD-KDC-ISSUED signatures and possibly gain privileges.
This issue only affected
Red Hat
krb5: multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007)
vendor_redhat·2010-11-30·CVSS 3.7
CVE-2010-1324 [LOW] krb5: multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007)
krb5: multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007)
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
Statement: This issue did not affect the versions of krb5 as shipped with Red Hat Enterprise Linux 3, 4 and 5.
Package: krb5 (Red Hat Enterprise Linux 5) - Not affected
Debian
CVE-2010-1324: krb5 - MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determ...
vendor_debian·2010·CVSS 3.7
CVE-2010-1324 [LOW] CVE-2010-1324: krb5 - MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determ...
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
Scope: local
bookworm: resolved (fixed in 1.8.3+dfsg-3)
bullseye: resolved (fixed in 1.8.3+dfsg-3)
forky: resolved (fixed in 1.8.3+dfsg-3)
sid: resolved (fixed in 1.8.3+dfsg-3)
trixie: resolved (fixed in 1.8.3+dfsg-3)
GHSA
GHSA-gg3r-9x7c-vmfm: MIT Kerberos 5 (aka krb5) 1
ghsa_unreviewed·2022-05-02
CVE-2010-1324 [MEDIUM] GHSA-gg3r-9x7c-vmfm: MIT Kerberos 5 (aka krb5) 1
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
OSV
CVE-2010-1324: MIT Kerberos 5 (aka krb5) 1
osv·2010-12-02·CVSS 3.7
CVE-2010-1324 [LOW] CVE-2010-1324: MIT Kerberos 5 (aka krb5) 1
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
No detection rules found.
No public exploits indexed.
http://kb.vmware.com/kb/1035108http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.htmlhttp://lists.vmware.com/pipermail/security-announce/2011/000133.htmlhttp://marc.info/?l=bugtraq&m=129562442714657&w=2http://osvdb.org/69609http://secunia.com/advisories/42399http://secunia.com/advisories/43015http://support.apple.com/kb/HT4581http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txthttp://www.mandriva.com/security/advisories?name=MDVSA-2010:246http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0925.htmlhttp://www.securityfocus.com/archive/1/514953/100/0/threadedhttp://www.securityfocus.com/archive/1/517739/100/0/threadedhttp://www.securityfocus.com/bid/45116http://www.securitytracker.com/id?1024803http://www.ubuntu.com/usn/USN-1030-1http://www.vmware.com/security/advisories/VMSA-2011-0007.htmlhttp://www.vupen.com/english/advisories/2010/3094http://www.vupen.com/english/advisories/2010/3095http://www.vupen.com/english/advisories/2010/3118http://www.vupen.com/english/advisories/2011/0187https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936http://kb.vmware.com/kb/1035108http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.htmlhttp://lists.vmware.com/pipermail/security-announce/2011/000133.htmlhttp://marc.info/?l=bugtraq&m=129562442714657&w=2http://osvdb.org/69609http://secunia.com/advisories/42399http://secunia.com/advisories/43015http://support.apple.com/kb/HT4581http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txthttp://www.mandriva.com/security/advisories?name=MDVSA-2010:246http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0925.htmlhttp://www.securityfocus.com/archive/1/514953/100/0/threadedhttp://www.securityfocus.com/archive/1/517739/100/0/threadedhttp://www.securityfocus.com/bid/45116http://www.securitytracker.com/id?1024803http://www.ubuntu.com/usn/USN-1030-1http://www.vmware.com/security/advisories/VMSA-2011-0007.htmlhttp://www.vupen.com/english/advisories/2010/3094http://www.vupen.com/english/advisories/2010/3095http://www.vupen.com/english/advisories/2010/3118http://www.vupen.com/english/advisories/2011/0187https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936
2010-12-02
Published