MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x up to and including 1.8.3 does not properly determine the acceptability of checksums, which might allow remote malicious users to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mit kerberos 5 1.8.3 |
||
mit kerberos 5 1.8.1 |
||
mit kerberos 5 1.7.1 |
||
mit kerberos 5 1.7 |
||
mit kerberos 5 1.8.2 |
||
mit kerberos 5 1.8 |