PT-2010-1099 · MIT · MIT Kerberos 5

Published: 2010-11-30 · Updated: 2024-06-15 · CVE-2010-1323

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions
MIT Kerberos 5 (aka krb5) versions 1.3.x through 1.8.3
MIT Kerberos 5 (aka krb5) versions prior to 1.9.2

Description
MIT Kerberos 5 does not correctly determine whether a received checksum is acceptable for the context in which it is used: it accepts checksums that are unkeyed, or that were computed with RC4 keys, in places where they should be rejected. A remote attacker who can supply such a checksum could modify the prompt text shown to a user, modify a response sent to the Key Distribution Center (KDC), or forge a KRB-SAFE message. The vulnerability can be exploited remotely and may lead to a breach of the confidentiality, integrity, and availability of protected information.

Recommendations
For versions 1.3.x through 1.8.3, update to a version newer than 1.8.3. For versions prior to 1.9.2, update to version 1.9.2 or newer. As a temporary workaround, consider restricting the use of unkeyed or RC4-keyed checksums until a patch is available.

Related Identifiers

BDU:2015-09426
CVE-2010-1323
DSA-2129-1
HPSBUX02623
OPENSUSE-SU-2024:10004-1
RHSA-2010:0925
RHSA-2010:0926
RHSA-2010_0925
RHSA-2010_0926

Affected Products

HP-UX
MIT Kerberos 5
Red Hat