Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

Low

Attack Vector

Network

0

CVE-2010-4020

Disclosure Date: December 02, 2010 •

CVE-2010-4020 CVSS v3 Base Score: 6.3

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

6.3 Medium

Impact Score:

3.4

Exploitability Score:

2.8

Vector:

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

Low

Integrity (I):

Low

Availability (A):

Low

Vendors

mit

Products

kerberos 5 1.8,
kerberos 5 1.8.1,
kerberos 5 1.8.2,
kerberos 5 1.8.3

References

Canonical

CVE-2010-4020 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020)

BID-45117 (http://www.securityfocus.com/bid/45117)

Advisory

ADV-2010-3094 (http://www.vupen.com/english/advisories/2010/3094)

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.mandriva.com/security/advisories?name=MDVSA-2010:246

FEDORA-2010-18425 (http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html)

http://kb.vmware.com/kb/1035108

ADV-2010-3118 (http://www.vupen.com/english/advisories/2010/3118)

20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021] (http://www.securityfocus.com/archive/1/514953/100/0/threaded)

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html

http://www.vmware.com/security/advisories/VMSA-2011-0007.html

APPLE-SA-2011-03-21-1 (http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html)

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt

ADV-2010-3095 (http://www.vupen.com/english/advisories/2010/3095)

SECUNIA-42399 (http://secunia.com/advisories/42399)

[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console (http://lists.vmware.com/pipermail/security-announce/2011/000133.html)

SECTRACK-1024803 (http://www.securitytracker.com/id?1024803)

20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console (http://www.securityfocus.com/archive/1/517739/100/0/threaded)

FEDORA-2010-18409 (http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html)

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

http://www.redhat.com/support/errata/RHSA-2010-0925.html

USN-1030-1 (http://www.ubuntu.com/usn/USN-1030-1)

OSVDB-69608 (http://osvdb.org/69608)

http://support.apple.com/kb/HT4581

Rapid7

Technical Analysis