Kerberos 4 Realm Principle Impersonation

Severity: High. Nessus Plugin ID: 11511

Synopsis

The remote host is using an authentication protocol with cryptographic weaknesses.

Description

The remote host is running Kerberos IV.

It has been demonstrated that the Kerberos IV protocol has inherent design flaws that make it insecure to use.

Solution

Use Kerberos 5 instead. If you run Kerberos 5 with Kerberos IV backward compatibility, make sure you upgrade to version 1.3.

See Also

http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt

Plugin Details

Severity: High

ID: 11511

File Name: kerberos4_crypto_weaknesses.nasl

Version: 1.19

Type: remote

Family: Misc.

Published: 4/3/2003

Updated: 7/12/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 3/17/2003

Reference Information

CVE: CVE-2003-0138

BID: 7113