CVE-2010-1324

Priority
Description
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly
determine the acceptability of checksums, which might allow remote
attackers to forge GSS tokens, gain privileges, or have unspecified other
impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a
KrbFastArmoredReq checksum based on an RC4 key.
Notes
mdeslaur1.7 and newer
Package
Source: krb5 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2020-09-10 01:35:27 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)