CVE-2003-0138
EPSS 5.6%krb4 - Cryptographic weakness
Published: 3/24/2003Modified: 4/28/2026
Description
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
Affected packages (4)
- Debian/heimdalfrom 0, < 0.5.2-1
- Debian/heimdalfrom 0, < 0.4e-7.woody.8
- Debian/krb4from 0, < 1.1-8-2.3
- Debian/krb5from 0, < 1.2.7-3