This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
The MIT Kerberos team reports :
MIT krb5 clients incorrectly accept unkeyed checksums in the SAM-2
An unauthenticated remote attacker could alter a SAM-2 challenge,
affecting the prompt text seen by the user or the kind of response
sent to the KDC. Under some circumstances, this can negate the
incremental security benefit of using a single-use authentication
MIT krb5 incorrectly accepts RFC 3961 key-derivation checksums using
RC4 keys when verifying KRB-SAFE messages.
An unauthenticated remote attacker has a 1/256 chance of forging
KRB-SAFE messages in an application protocol if the targeted
pre-existing session uses an RC4 session key. Few application
protocols use KRB-SAFE messages.
See also :
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.0
Public Exploit Available : true