FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

krb5 -- unkeyed PAC checksum handling vulnerability

Affected packages
1.7.0 <= krb5 < 1.7.2


VuXML ID 9f971cea-03f5-11e0-bf50-001a926c7637
Discovery 2010-11-30
Entry 2010-12-09

The MIT Kerberos team reports:

MIT krb5 incorrectly accepts an unkeyed checksum for PAC signatures.

An authenticated remote attacker can forge PACs if using a KDC that does not filter client-provided PAC data. This can result in privilege escalation against a service that relies on PAC contents to make authorization decisions.
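The defect described above is in the verification step: a PAC signature must be checked with a keyed checksum, so a verifier should reject any unkeyed checksum type outright, before comparing values. The following is an added example of such a check, written for this entry and not code from MIT krb5 or the FreeBSD port. It implements the RC4/HMAC-MD5 PAC checksum (KERB_CHECKSUM_HMAC_MD5, RFC 4757 section 4) and classifies checksum types by their RFC 3961 numbers; the key, key usage numbers and PAC bytes are constructed for the demonstration, and the AES checksum types are recognised as keyed but not computed here (the verifier fails closed on them).

```python
import hashlib
import hmac
import struct

# Kerberos checksum type numbers (RFC 3961 section 8; HMAC-MD5 from RFC 4757).
CKSUMTYPE_CRC32 = 1                  # unkeyed
CKSUMTYPE_RSA_MD5 = 7                # unkeyed
CKSUMTYPE_SHA1_UNKEYED = 10          # unkeyed
CKSUMTYPE_HMAC_SHA1_96_AES128 = 15   # keyed
CKSUMTYPE_HMAC_SHA1_96_AES256 = 16   # keyed
CKSUMTYPE_HMAC_MD5 = -138            # keyed; 0xFFFFFF76 as a signed 32-bit value

# Only checksum types that involve a key may sign a PAC. Accepting anything
# outside this set is the defect this entry describes.
KEYED_PAC_CHECKSUM_TYPES = {
    CKSUMTYPE_HMAC_MD5,
    CKSUMTYPE_HMAC_SHA1_96_AES128,
    CKSUMTYPE_HMAC_SHA1_96_AES256,
}

# Key usage numbers used for the two PAC signatures (MS-PAC section 2.8).
KEY_USAGE_PAC_SERVER = 17
KEY_USAGE_PAC_KDC = 18


def hmac_md5_checksum(key: bytes, key_usage: int, data: bytes) -> bytes:
    """KERB_CHECKSUM_HMAC_MD5 as specified in RFC 4757 section 4.

    Ksign = HMAC-MD5(K, "signaturekey\\0")
    tmp   = MD5(little-endian(key_usage) || data)
    cksum = HMAC-MD5(Ksign, tmp)
    """
    ksign = hmac.new(key, b"signaturekey\x00", hashlib.md5).digest()
    tmp = hashlib.md5(struct.pack("<I", key_usage) + data).digest()
    return hmac.new(ksign, tmp, hashlib.md5).digest()


def verify_pac_signature(pac_data: bytes, sig_type: int, sig_value: bytes,
                         key: bytes, key_usage: int) -> bool:
    """Return True only if sig_value is a valid *keyed* checksum over pac_data.

    pac_data is the PAC buffer with both signature fields zeroed, as MS-PAC
    requires for checksum computation. The checksum type is policed first, so an
    unkeyed type is refused regardless of whether its value happens to match.
    """
    if sig_type not in KEYED_PAC_CHECKSUM_TYPES:
        return False  # unkeyed (or unknown) checksum: never acceptable for a PAC
    if sig_type != CKSUMTYPE_HMAC_MD5:
        # AES checksums need the RFC 3962 key derivation, which this example
        # does not implement; fail closed rather than guess.
        return False
    expected = hmac_md5_checksum(key, key_usage, pac_data)
    return hmac.compare_digest(expected, sig_value)


def demo() -> dict:
    """Constructed demonstration: a genuine keyed signature is accepted, an
    unkeyed one and a tampered buffer are rejected."""
    key = bytes.fromhex("11" * 16)                       # constructed service key
    pac = b"PAC\x00" + b"\x00" * 12 + b"user=alice;sid=S-1-5-21-0-0-0-1105"  # constructed
    good_sig = hmac_md5_checksum(key, KEY_USAGE_PAC_SERVER, pac)
    unkeyed_sig = hashlib.md5(pac).digest()              # an rsa-md5 style value
    tampered = pac.replace(b"1105", b"0500")
    return {
        "keyed_ok": verify_pac_signature(pac, CKSUMTYPE_HMAC_MD5, good_sig, key, KEY_USAGE_PAC_SERVER),
        "unkeyed_rejected": not verify_pac_signature(pac, CKSUMTYPE_RSA_MD5, unkeyed_sig, key, KEY_USAGE_PAC_SERVER),
        "tamper_rejected": not verify_pac_signature(tampered, CKSUMTYPE_HMAC_MD5, good_sig, key, KEY_USAGE_PAC_SERVER),
        "usage_rejected": not verify_pac_signature(pac, CKSUMTYPE_HMAC_MD5, good_sig, key, KEY_USAGE_PAC_KDC),
    }


if __name__ == "__main__":
    print(demo())
```

The order of checks is the point: the type test comes before any digest comparison, so a PAC carrying a CRC32 or rsa-md5 "signature" is rejected even though anyone can compute those values without the service key. Pinning the key usage number also stops a server signature from being replayed in the KDC signature slot.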


Bugtraq ID 45116
CVE Name CVE-2010-1324