Kerberos 5 < 1.3.5 Multiple Vulnerabilities

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

It may be possible to execute arbitrary code on the remote Kerberos
server.

Description :

The remote host is running Kerberos 5.

There are multiple flaws that affect this product. Make sure you are
running the latest version with the latest patches.

Note that Nessus could not check for any of the flaws and solely
relied on the presence of the service to issue an alert, so this might
be a false positive.

See also :

http://www.nessus.org/u?34bb0fc8

Solution :

Upgrade to Kerberos 5 (krb5) 1.3.5 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false