suse · CVE-2010-1323

Quick triage

Priority: medium Published: 2021-05-30 12:51:09 UTC Updated: 2026-04-18 20:13:01 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2010-1323 severity moderate: SUSE including 112 source package names (krb5-1.12.1-19.1, krb5-1.12.1-6.3, …), 173 product×package rows across 34 product lines (SUSE Linux Enterprise Desktop 12, SUSE Linux Enterprise Desktop 12 SP1, … (34 product lines)): Fixed 173.

Description:

MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.

cvelogic Threat Intelligence