mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
32 lines
1.3 KiB
JSON
32 lines
1.3 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2023-3326",
|
||
|
|
"sourceIdentifier": "secteam@freebsd.org",
|
||
|
|
"published": "2023-06-22T17:15:44.833",
|
||
|
|
"lastModified": "2023-06-22T17:15:44.833",
|
||
|
|
"vulnStatus": "Received",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid. In a non-default FreeBSD installation that leverages pam_krb5 for authentication and does not have a keytab provisioned, an attacker that is able to control both the password and the KDC responses can return a valid tgt, allowing authentication to occur for any user on the system.\n"
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "secteam@freebsd.org",
|
||
|
|
"type": "Secondary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-303"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:04.pam_krb5.asc",
|
||
|
|
"source": "secteam@freebsd.org"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|