VID 13012
Severity 40
Port 750
Protocol UDP
Class Protocol
Detailed Description The system is running Kerberos 4 protocol.
Multiple cryptographic weaknesses have been reported in the Kerberos 4 protocol. These are design faults and affect every full implementation of the protocol. The most serious allows an attacker to impersonate any principal in a Kerberos realm. This can result in a complete compromise of the Kerberos Domain Controller and of any hosts that rely on it for authentication. Another weakness allows fabrication of Kerberos 4 tickets for unauthorized client principals if triple-DES keys are used to key Kerberos 4 services.

* References:
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt
http://marc.theaimsgroup.com/?l=bugtraq&m=104791775804776&w=2
http://www.debian.org/security/2003/dsa-266
http://www.debian.org/security/2003/dsa-269
http://www.debian.org/security/2003/dsa-273
http://www.redhat.com/support/errata/RHSA-2003-051.html
http://www.redhat.com/support/errata/RHSA-2003-052.html
http://www.redhat.com/support/errata/RHSA-2003-091.html
http://www.kb.cert.org/vuls/id/623217
http://www.kb.cert.org/vuls/id/442569

* Affected Software:
- All implementations of the Kerberos version 4 Key Distribution Center that allow cross-realm authentication.
- All implementations of the Kerberos version 5 Key Distribution Center that also implement a KDC for the Kerberos version 4 protocol and use the same keys for version 4 and version 5.
- MIT implementations of krb5 that include support for triple-DES keys in krb4.
Recommendation Use the Kerberos 5 protocol instead. If you run Kerberos 5 with Kerberos 4 backward compatibility, make sure you upgrade to version 1.3. For more details, see MIT krb5 Security Advisory 2003-004, http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt

To obtain a patch from the vendor, see "III. Solution" in CERT Vulnerability Note VU#623217, http://www.kb.cert.org/vuls/id/623217
Related URL CVE-2003-0138,CVE-2003-0139 (CVE)
Related URL 7113 (SecurityFocus)