NVD

Id
73286  
Name
CVE-2003-0139  
Description
Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing."  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2003-03-24  
Modified Date
2016-10-17  
Seq
2003-0139  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
377439 73286 CVE-2003-0139 20030319 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4  View
377440 73286 CVE-2003-0139 oval:org.mitre.oval:def:250  View
377441 73286 CVE-2003-0139 http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt  View
377442 73286 CVE-2003-0139 DSA-266  View
377443 73286 CVE-2003-0139 DSA-273  View
377444 73286 CVE-2003-0139 VU#442569  View
377445 73286 CVE-2003-0139 RHSA-2003:051  View
377446 73286 CVE-2003-0139 RHSA-2003:052  View
377447 73286 CVE-2003-0139 RHSA-2003:091  View
377448 73286 CVE-2003-0139 20030331 GLSA: krb5 & mit-krb5 (200303-28)  View
377449 73286 CVE-2003-0139 20030330 GLSA: openafs (200303-26)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
63358 JVNDB-2003-000084 Kerberos 4 の Triple-DES の実装におけるネットワークトラフィックを解析される脆弱性 ------------ CVE-2003-0139 6967 CVE-2003-0139 73286 7.5 http://jvndb.jvn.jp/ja/contents/2003/JVNDB-2003-000084.html 2003-03-17 2007-04-01 View