Vulnerability Note VU#623217
Cryptographic weakness in Kerberos Version 4 protocol
Several cryptographic vulnerabilities exist in the basic Kerberos Version 4 protocol that could allow an attacker to impersonate any user in a Kerberos realm and gain any privilege authorized through that Kerberos realm.
The MIT Kerberos Development team has discovered a serious cryptographic flaw in the Kerberos version 4 protocol. This flaw could allow an attacker to compromise the entire affected Kerberos realm.
From the MIT advisory:
The initial portion of a Kerberos 4 ticket is a one-byte flags field (either 0 or 1) followed by the client name. Since all of this initial text is constant, the beginning of a ticket for a given client/service will be the same. An attacker thus knows the encryption of the initial plaintext in the service key. If an attacker can control client principals whose names he chooses, then he can get the encryption of these plaintext values in the service key."
The Kerberos version 5 protocol is not vulnerable to this issue. However, implementations that implement both Kerberos 4 and Kerberos 5 tend to use the same keys for both protocols. As a result, the Kerberos 4 vulnerabilities can be used to compromise Kerberos 5 services at sites using these implementations.
A number of specific impacts can result because of this vulnerability:
Apply a patch from the vendor
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Conectiva||Affected||05 Mar 2003||09 May 2003|
|Debian||Affected||05 Mar 2003||31 Mar 2003|
|Gentoo Linux||Affected||-||31 Mar 2003|
|MandrakeSoft||Affected||05 Mar 2003||01 Apr 2003|
|MiT Kerberos Development Team||Affected||-||17 Mar 2003|
|NetBSD||Affected||-||04 Apr 2003|
|OpenAFS||Affected||05 Mar 2003||02 Apr 2003|
|OpenBSD||Affected||05 Mar 2003||24 Mar 2003|
|Red Hat Inc.||Affected||05 Mar 2003||02 Apr 2003|
|Wirex||Affected||05 Mar 2003||09 Apr 2003|
|Hitachi||Not Affected||05 Mar 2003||04 Apr 2003|
|Ingrian Networks||Not Affected||05 Mar 2003||10 Mar 2003|
|Juniper Networks||Not Affected||05 Mar 2003||17 Mar 2003|
|Lotus Software||Not Affected||05 Mar 2003||17 Mar 2003|
|Microsoft Corporation||Not Affected||05 Mar 2003||20 Mar 2003|
CVSS Metrics (Learn More)
The CERT/CC thanks Sam Hartman, Ken Raeburn, and Tom Yu of the Kerberos group at MIT for their detailed analysis and report of this vulnerability.
This document was written by Chad Dougherty.
- CVE IDs: CAN-2003-0138
- Date Public: 15 Mar 2003
- Date First Published: 20 Mar 2003
- Date Last Updated: 09 May 2003
- Severity Metric: 13.54
- Document Revision: 15
If you have feedback, comments, or additional information about this vulnerability, please send us email.