| Vulnerability Name: | CVE-1999-0143 (CCN-64) | ||||||||
| Assigned: | 1996-02-21 | ||||||||
| Published: | 1996-02-21 | ||||||||
| Updated: | 2022-08-17 | ||||||||
| Summary: | Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. | ||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-1999-0143 Source: CCN Type: Kerberos Web site Kerberos: The Network Authentication Protocol Source: CCN Type: Massachusetts Institute of Technology Web site Kerberos: The Network Authentication Protocol Source: CCN Type: CERT Advisory CA-1996-03 Vulnerability in Kerberos 4 Key Server Source: CCN Type: OSVDB ID: 4880 MIT Kerberos 4 Key Server Session Key Masquerade Source: CCN Type: BID-2351 Kerberos 4 Valid Username and Realm Disclosure Vulnerability Source: XF Type: UNKNOWN kerberos-bf(64) Source: MISC Type: UNKNOWN https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||