CVE-2010-4020

Priority
Description
MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4
key-derivation checksums, which might allow remote authenticated users to
forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain
privileges, by leveraging the small key space that results from certain
one-byte stream-cipher operations.
Notes
mdeslaur1.8 and newer
Package
Source: krb5 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2020-09-10 01:38:28 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)