Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0059

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0059
Last Modified 05 Sep 2008 04:33:21
Published 19 Feb 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0059

Summary

Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.

Vulnerable Systems

Application

  • Mit Kerberos 5-1.2.1

  • Mit Kerberos 5-1.2.2


References

CERT-VN - VU#684563

BID - 6714

CONFIRM - http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt

XF - kerberos-kdc-user-spoofing(11188)

REDHAT - RHSA-2003:168

REDHAT - RHSA-2003:052

REDHAT - RHSA-2003:051

MANDRAKE - MDKSA-2003:043

CONECTIVA - CLSA-2003:639


Last Updated: 27 May 2016 10:37:46