CVE-2010-4021

Severity

21%

Complexity

39%

Confidentiality

48%

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:S/C:N/I:P/A:N).

Overview

First reported 14 years ago

2010-12-02 16:22:00

Last updated 5 years ago

2020-01-21 15:45:00

Affected Software

Mit Kerberos 5 1.7

1.7

References

http://kb.vmware.com/kb/1035108

APPLE-SA-2011-03-21-1

SUSE-SR:2010:023

SUSE-SR:2010:024

[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

69607

http://support.apple.com/kb/HT4581

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt

Vendor Advisory

MDVSA-2010:246

20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]

20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

45122

1024803

USN-1030-1

http://www.vmware.com/security/advisories/VMSA-2011-0007.html

ADV-2010-3094

ADV-2010-3118

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.