Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2003-0139
Description:Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing."
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2003-0139
Bugtraq: 20030319 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 (Google Search)
http://marc.info/?l=bugtraq&m=104791775804776&w=2
Bugtraq: 20030330 GLSA: openafs (200303-26) (Google Search)
http://www.securityfocus.com/archive/1/317130/30/25250/threaded
Bugtraq: 20030331 GLSA: krb5 & mit-krb5 (200303-28) (Google Search)
http://www.securityfocus.com/archive/1/316960/30/25250/threaded
CERT/CC vulnerability note: VU#442569
http://www.kb.cert.org/vuls/id/442569
Debian Security Information: DSA-266 (Google Search)
http://www.debian.org/security/2003/dsa-266
Debian Security Information: DSA-273 (Google Search)
http://www.debian.org/security/2003/dsa-273
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A250
RedHat Security Advisories: RHSA-2003:051
http://www.redhat.com/support/errata/RHSA-2003-051.html
RedHat Security Advisories: RHSA-2003:052
http://www.redhat.com/support/errata/RHSA-2003-052.html
RedHat Security Advisories: RHSA-2003:091
http://www.redhat.com/support/errata/RHSA-2003-091.html




© 1998-2024 E-Soft Inc. All rights reserved.