CVE-2010-1323

2010-12-02T16:22:00
ID CVE-2010-1323
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:56:00

Description

MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.