Several cryptographic vulnerabilities exist in the basic Kerberos version 4 protocol that could allow an attacker to impersonate any user in a Kerberos realm and gain any privilege authorized through that Kerberos realm.
The MIT Kerberos Development Team has discovered a serious cryptographic flaw in the Kerberos version 4 protocol. This flaw could allow an attacker to compromise the entire affected Kerberos realm. Beyond the vulnerability described in VU#623217, a further vulnerability was discovered in the MIT Kerberos implementation of triple-DES encryption of service tickets.
From the MIT advisory:
In addition to the impacts described for VU#623217, an attacker may impersonate any principal to a service keyed with triple-DES Kerberos version 4 keys, given the ability to capture network traffic containing tickets for the target client principal.
Apply a patch from the vendor
Red Hat Inc.
Apple Computer Inc.
Cisco Systems Inc.
Foundry Networks Inc.
Guardian Digital Inc.
MIT Kerberos Development Team
Multi-Tech Systems Inc.
Redback Networks Inc.
Sun Microsystems Inc.
The SCO Group (SCO Linux)
The SCO Group (SCO UnixWare)
Wind River Systems Inc.
The CERT/CC thanks Sam Hartman, Ken Raeburn, and Tom Yu of the Kerberos group at MIT for their detailed analysis and report of this vulnerability.
This document was written by Chad R Dougherty.
Date First Published: 2003-03-20
Date Last Updated: 2003-05-09 19:11 UTC