DEBIAN-CVE-2010-1324

DEBIAN-CVE-2010-1324 PUBLISHED CVSS 3.700000047683716 LOW

MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.

Risk Scores

CVSS v3.0

3.700000047683716

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:11	krb5	0, 0, 0
Debian:14	krb5	0, 0, 0
Debian:13	krb5	0, 0, 0
Debian:12	krb5	0, 0, 0

Timeline

Dec 2, 2010 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2010-1324 advisory

Open in Interactive Console →