Описание
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.12.1+dfsg-16 |
| esm-infra-legacy/trusty | released | 1.12+dfsg-2ubuntu5.1 |
| lucid | released | 1.8.1+dfsg-2ubuntu0.14 |
| precise | released | 1.10+dfsg~beta1-2ubuntu0.6 |
| trusty | released | 1.12+dfsg-2ubuntu5.1 |
| trusty/esm | released | 1.12+dfsg-2ubuntu5.1 |
| upstream | released | 1.12.1+dfsg-10 |
| utopic | not-affected | 1.12.1+dfsg-10 |
Показывать по
EPSS
2.1 Low
CVSS2
Связанные уязвимости
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal. ...
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
2.1 Low
CVSS2