#VU64988 Cryptographic issues in Kerberos 5 - CVE-2010-1324


Vulnerability identifier: #VU64988

Vulnerability risk: High

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2010-1324

CWE-ID: CWE-310

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Kerberos 5
Client/Desktop applications / Software for system administration

Vendor: MIT

Description

The vulnerability allows a remote attacker to modify files on the system.

The vulnerability exists due to MIT Kerberos 5 does not properly determine the acceptability of checksums. A remote attacker can forge GSS tokens, gain privileges, or have unspecified other impact via an unkeyed checksum, an unkeyed PAC checksum, or a KrbFastArmoredReq checksum based on an RC4 key.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Kerberos 5: 1.7 - 1.8.3

External links
https://kb.vmware.com/kb/1035108
https://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html
https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html
https://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
https://lists.vmware.com/pipermail/security-announce/2011/000133.html
https://marc.info/?l=bugtraq&m=129562442714657&w=2
https://osvdb.org/69609
https://secunia.com/advisories/42399
https://secunia.com/advisories/43015
https://support.apple.com/kb/HT4581
https://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt
https://www.mandriva.com/security/advisories?name=MDVSA-2010:246
https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
https://www.redhat.com/support/errata/RHSA-2010-0925.html
https://www.securityfocus.com/archive/1/514953/100/0/threaded
https://www.securityfocus.com/archive/1/517739/100/0/threaded
https://www.securityfocus.com/bid/45116
https://www.securitytracker.com/id?1024803
https://www.ubuntu.com/usn/USN-1030-1
https://www.vmware.com/security/advisories/VMSA-2011-0007.html
https://www.vupen.com/english/advisories/2010/3094
https://www.vupen.com/english/advisories/2010/3095
https://www.vupen.com/english/advisories/2010/3118
https://www.vupen.com/english/advisories/2011/0187
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM Security Verify Access
Multiple vulnerabilities in HP-UX Running Kerberos