3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.009 Low
EPSS
Percentile
80.5%
Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third party, the Key Distribution Center (KDC).
Multiple checksum validation flaws were discovered in the MIT Kerberos
implementation. A remote attacker could use these flaws to tamper with
certain Kerberos protocol packets and, possibly, bypass authentication
mechanisms in certain configurations using Single-use Authentication
Mechanisms. (CVE-2010-1323)
Red Hat would like to thank the MIT Kerberos Team for reporting these
issues.
All krb5 users should upgrade to these updated packages, which contain a
backported patch to correct these issues. After installing the updated
packages, the krb5kdc daemon will be restarted automatically.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | x86_64 | krb5-server | < 1.6.1-36.el5_5.6 | krb5-server-1.6.1-36.el5_5.6.x86_64.rpm |
RedHat | 5 | ia64 | krb5-libs | < 1.6.1-36.el5_5.6 | krb5-libs-1.6.1-36.el5_5.6.ia64.rpm |
RedHat | 5 | ppc64 | krb5-devel | < 1.6.1-36.el5_5.6 | krb5-devel-1.6.1-36.el5_5.6.ppc64.rpm |
RedHat | 5 | ppc | krb5-devel | < 1.6.1-36.el5_5.6 | krb5-devel-1.6.1-36.el5_5.6.ppc.rpm |
RedHat | 4 | x86_64 | krb5-server | < 1.3.4-62.el4_8.3 | krb5-server-1.3.4-62.el4_8.3.x86_64.rpm |
RedHat | 5 | s390x | krb5-libs | < 1.6.1-36.el5_5.6 | krb5-libs-1.6.1-36.el5_5.6.s390x.rpm |
RedHat | 4 | s390x | krb5-devel | < 1.3.4-62.el4_8.3 | krb5-devel-1.3.4-62.el4_8.3.s390x.rpm |
RedHat | 5 | i386 | krb5-workstation | < 1.6.1-36.el5_5.6 | krb5-workstation-1.6.1-36.el5_5.6.i386.rpm |
RedHat | 4 | s390x | krb5-server | < 1.3.4-62.el4_8.3 | krb5-server-1.3.4-62.el4_8.3.s390x.rpm |
RedHat | 5 | ia64 | krb5-workstation | < 1.6.1-36.el5_5.6 | krb5-workstation-1.6.1-36.el5_5.6.ia64.rpm |
3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.009 Low
EPSS
Percentile
80.5%