mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-16 20:27:21 +00:00
981 B
981 B
CVE-2010-4020
Description
MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations.
POC
Reference
- http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.redhat.com/support/errata/RHSA-2010-0925.html