Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-1323

MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://web.mit.edu/ker...
DEBIAN: DSA-2129
MANDRIVA: MDVSA-2010:245
MANDRIVA: MDVSA-2010:246
REDHAT: RHSA-2010:0925
REDHAT: RHSA-2010:0926
BID: 45118
OSVDB: 69610
SECUNIA: 42399
SECTRACK: 1024803
SECUNIA: 42420
SECUNIA: 42436
VUPEN: ADV-2010-3094
VUPEN: ADV-2010-3095
VUPEN: ADV-2010-3101
VUPEN: ADV-2010-3118
FEDORA: FEDORA-2010-18409
FEDORA: FEDORA-2010-18425
UBUNTU: USN-1030-1
SUSE: SUSE-SR:2010:023
SUSE: SUSE-SR:2010:024
SECUNIA: 43015
VUPEN: ADV-2011-0187
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2011-03-21-1
MLIST: [security-announce] 20...
CONFIRM: http://kb.vmware.com/k...
CONFIRM: http://www.vmware.com/...
CONFIRM: http://www.vmware.com/...
SECUNIA: 46397
SUSE: SUSE-SU-2012:0010
SUSE: SUSE-SU-2012:0042
CONFIRM: http://www.oracle.com/...
HP: HPSBUX02623
HP: SSRT100355
HP: HPSBOV02682
HP: SSRT100495
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20101130 MITKRB5-SA-20...
BUGTRAQ: 20110428 VMSA-2011-000...
BUGTRAQ: 20111013 VMSA-2011-001...

Launchpad.net

CVE 2010-1323

Related bugs

References