nvd-json-data-feeds/CVE-2023/CVE-2023-33xx/CVE-2023-3326.json

{
  "id": "CVE-2023-3326",
  "sourceIdentifier": "secteam@freebsd.org",
  "published": "2023-06-22T17:15:44.833",
  "lastModified": "2023-06-22T20:05:36.757",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid. In a non-default FreeBSD installation that leverages pam_krb5 for authentication and does not have a keytab provisioned, an attacker that is able to control both the password and the KDC responses can return a valid tgt, allowing authentication to occur for any user on the system.\n"
    }
  ],
  "metrics": {},
  "weaknesses": [
    {
      "source": "secteam@freebsd.org",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-303"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:04.pam_krb5.asc",
      "source": "secteam@freebsd.org"
    }
  ]
}
Auto-Update: 2023-06-22T18:00:28.118178+00:00 2023-06-22 18:00:31 +00:00			`{`
			`"id": "CVE-2023-3326",`
			`"sourceIdentifier": "secteam@freebsd.org",`
			`"published": "2023-06-22T17:15:44.833",`
Auto-Update: 2023-06-22T22:00:26.468317+00:00 2023-06-22 22:00:29 +00:00			`"lastModified": "2023-06-22T20:05:36.757",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2023-06-22T18:00:28.118178+00:00 2023-06-22 18:00:31 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			"value": "pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid. In a non-default FreeBSD installation that leverages pam_krb5 for authentication and does not have a keytab provisioned, an attacker that is able to control both the password and the KDC responses can return a valid tgt, allowing authentication to occur for any user on the system.\n"
			`}`
			`],`
			`"metrics": {},`
			`"weaknesses": [`
			`{`
			`"source": "secteam@freebsd.org",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-303"`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:04.pam_krb5.asc",`
			`"source": "secteam@freebsd.org"`
			`}`
			`]`
			`}`