CVE - CVE-2010-4020

CVE-ID
CVE-2010-4020	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2011-03-21-1 URL:http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html BID:45117 URL:http://www.securityfocus.com/bid/45117 BUGTRAQ:20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021] URL:http://www.securityfocus.com/archive/1/514953/100/0/threaded BUGTRAQ:20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console URL:http://www.securityfocus.com/archive/1/517739/100/0/threaded CONFIRM:http://kb.vmware.com/kb/1035108 CONFIRM:http://support.apple.com/kb/HT4581 CONFIRM:http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html CONFIRM:http://www.vmware.com/security/advisories/VMSA-2011-0007.html FEDORA:FEDORA-2010-18409 URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html FEDORA:FEDORA-2010-18425 URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html MANDRIVA:MDVSA-2010:246 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2010:246~~ (Obsolete source) MLIST:[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console URL:http://lists.vmware.com/pipermail/security-announce/2011/000133.html OSVDB:69608 URL:~~http://osvdb.org/69608~~ (Obsolete source) REDHAT:RHSA-2010:0925 URL:http://www.redhat.com/support/errata/RHSA-2010-0925.html SECTRACK:1024803 URL:http://www.securitytracker.com/id?1024803 SECUNIA:42399 URL:http://secunia.com/advisories/42399 SUSE:SUSE-SR:2010:023 URL:http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html SUSE:SUSE-SR:2010:024 URL:http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html UBUNTU:USN-1030-1 URL:http://www.ubuntu.com/usn/USN-1030-1 VUPEN:ADV-2010-3094 URL:~~http://www.vupen.com/english/advisories/2010/3094~~ (Obsolete source) VUPEN:ADV-2010-3095 URL:~~http://www.vupen.com/english/advisories/2010/3095~~ (Obsolete source) VUPEN:ADV-2010-3118 URL:~~http://www.vupen.com/english/advisories/2010/3118~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20101020	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20101020)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)