Low severity3.7NVD Advisory· Published Dec 2, 2010· Updated Jun 16, 2026
CVE-2010-1324
CVE-2010-1324
Description
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
- (no CPE)range: >=1.7.0, <=1.8.3
Patches
Vulnerability mechanics
References
27- www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlnvdPatchVendor Advisory
- secunia.com/advisories/42399nvdVendor Advisory
- web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txtnvdVendor Advisory
- kb.vmware.com/kb/1035108nvd
- lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.htmlnvd
- lists.vmware.com/pipermail/security-announce/2011/000133.htmlnvd
- marc.infonvd
- osvdb.org/69609nvd
- secunia.com/advisories/43015nvd
- support.apple.com/kb/HT4581nvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2010-0925.htmlnvd
- www.securityfocus.com/archive/1/514953/100/0/threadednvd
- www.securityfocus.com/archive/1/517739/100/0/threadednvd
- www.securityfocus.com/bid/45116nvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/USN-1030-1nvd
- www.vmware.com/security/advisories/VMSA-2011-0007.htmlnvd
- www.vupen.com/english/advisories/2010/3094nvd
- www.vupen.com/english/advisories/2010/3095nvd
- www.vupen.com/english/advisories/2010/3118nvd
- www.vupen.com/english/advisories/2011/0187nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936nvd
News mentions
0No linked articles in our index yet.