Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2010-1324

EPSS 3.50% · P88
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-1324

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MIT Kerberos 5设计权限提升漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MIT Kerberos 5 是一种常用的开源Kerberos实现。 MIT Kerberos 5(又名krb5)1.7.x,1.8.x至1.8.3版本不能正确地确定可接受的校验。远程攻击者可以借助某些(1)非密钥校验,(2)非密钥PAC校验,或者(3)基于RC4密钥的KrbFastArmoredReq校验伪造GSS令牌,获取特权,或者引起其他未明影响。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2010-1324

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2010-1324

Please Login to view more intelligence information

Same Patch Batch · n/a · 2010-12-02 · 24 CVEs total

CVE-2010-3266Ifdefined BugTracker.NET多个跨站脚本攻击漏洞
CVE-2010-4374Nullsoft Winamp in_mkv插件资源管理错误漏洞
CVE-2010-4373Nullsoft Winamp in_mp4插件设计错误漏洞
CVE-2010-4372Nullsoft Winamp in_nsv插件整数溢出漏洞
CVE-2010-4371Nullsoft Winamp in_mod插件缓冲区溢出漏洞
CVE-2010-4370Nullsoft Winamp in_midi插件多个整数溢出漏洞
CVE-2010-4369AWStats目录遍历漏洞
CVE-2010-4368AWStats UNC共享路径配置问题代码注入漏洞
CVE-2010-4367AWStats WebDAV服务和NFS服务配置文件代码注入漏洞
CVE-2010-4329phpMyAdmin PMA_linkOrButton函数跨站脚本攻击漏洞
CVE-2010-4021MIT Kerberos 5权限许可和访问控制问题漏洞
CVE-2010-3267Ifdefined BugTracker.NET多个SQL注入漏洞
CVE-2010-4278Artica Pandora FMS networkmap.php文件操作系统命令注入漏洞
CVE-2010-2586Nullsoft Winamp in_nsv插件in_nsv.dll文件多个整数溢出漏洞
CVE-2009-5020AWStats awredir.pl文件开放重定向漏洞
CVE-2010-4020MIT Kerberos设计错误漏洞
CVE-2010-1323MIT Kerberos 5设计错误漏洞
CVE-2010-4313Novo-Ws Orbis CMS fileman_file_upload.php文件无限制文件上传漏洞
CVE-2010-4283Artica Pandora FMS extras/pandora_diag.php文件PHP远程文件包含漏洞
CVE-2010-4282Artica Pandora FMS多个目录遍历漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2010-1324

No comments yet

Leave a comment