CVE-2003-0138
published 2003-03-24CVE-2003-0138: Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | heimdal | < heimdal 0.5.2-1 (bookworm) | heimdal 0.5.2-1 (bookworm) |
| debian | krb5 | < heimdal 0.5.2-1 (bookworm) | heimdal 0.5.2-1 (bookworm) |
| heimdal_project | heimdal | >= 0 < 0.5.2-1 | 0.5.2-1 |
| heimdal_project | heimdal | >= 0 < 0.5.2-1 | 0.5.2-1 |
| heimdal_project | heimdal | >= 0 < 0.5.2-1 | 0.5.2-1 |
| heimdal_project | heimdal | >= 0 < 0.5.2-1 | 0.5.2-1 |
| mit | kerberos | — | — |
| mit | krb5 | >= 0 < 1.2.7-3 | 1.2.7-3 |
| mit | krb5 | >= 0 < 1.2.7-3 | 1.2.7-3 |
| mit | krb5 | >= 0 < 1.2.7-3 | 1.2.7-3 |
| mit | krb5 | >= 0 < 1.2.7-3 | 1.2.7-3 |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH